rhsa-2012_1391
Vulnerability from csaf_redhat
Published
2012-10-18 16:41
Modified
2024-11-05 17:53
Summary
Red Hat Security Advisory: java-1.7.0-oracle security update
Notes
Topic
Updated java-1.7.0-oracle packages that fix several security issues are now
available for Red Hat Enterprise Linux 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
Oracle Java SE version 7 includes the Oracle Java Runtime Environment and
the Oracle Java Software Development Kit.
This update fixes several vulnerabilities in the Oracle Java Runtime
Environment and the Oracle Java Software Development Kit. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory page, listed in the References section.
(CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-3143, CVE-2012-3159,
CVE-2012-3216, CVE-2012-4416, CVE-2012-5067, CVE-2012-5068, CVE-2012-5069,
CVE-2012-5070, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5074,
CVE-2012-5075, CVE-2012-5076, CVE-2012-5077, CVE-2012-5079, CVE-2012-5081,
CVE-2012-5083, CVE-2012-5084, CVE-2012-5085, CVE-2012-5086, CVE-2012-5087,
CVE-2012-5088, CVE-2012-5089)
All users of java-1.7.0-oracle are advised to upgrade to these updated
packages, which provide Oracle Java 7 Update 9. All running instances of
Oracle Java must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.7.0-oracle packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 6 Supplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "Oracle Java SE version 7 includes the Oracle Java Runtime Environment and\nthe Oracle Java Software Development Kit.\n\nThis update fixes several vulnerabilities in the Oracle Java Runtime\nEnvironment and the Oracle Java Software Development Kit. Further\ninformation about these flaws can be found on the Oracle Java SE Critical\nPatch Update Advisory page, listed in the References section.\n(CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-3143, CVE-2012-3159,\nCVE-2012-3216, CVE-2012-4416, CVE-2012-5067, CVE-2012-5068, CVE-2012-5069,\nCVE-2012-5070, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5074,\nCVE-2012-5075, CVE-2012-5076, CVE-2012-5077, CVE-2012-5079, CVE-2012-5081,\nCVE-2012-5083, CVE-2012-5084, CVE-2012-5085, CVE-2012-5086, CVE-2012-5087,\nCVE-2012-5088, CVE-2012-5089)\n\nAll users of java-1.7.0-oracle are advised to upgrade to these updated\npackages, which provide Oracle Java 7 Update 9. All running instances of\nOracle Java must be restarted for the update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2012:1391", "url": "https://access.redhat.com/errata/RHSA-2012:1391" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" }, { "category": "external", "summary": "856124", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=856124" }, { "category": "external", "summary": "865346", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865346" }, { "category": "external", "summary": "865348", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865348" }, { "category": "external", "summary": "865350", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865350" }, { "category": "external", "summary": "865352", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865352" }, { "category": "external", "summary": "865354", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865354" }, { "category": "external", "summary": "865357", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865357" }, { "category": "external", "summary": "865359", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865359" }, { "category": "external", "summary": "865363", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865363" }, { "category": "external", "summary": "865365", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865365" }, { "category": "external", "summary": "865370", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865370" }, { "category": "external", "summary": "865428", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865428" }, { "category": "external", "summary": "865434", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865434" }, { "category": "external", "summary": "865471", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865471" }, { "category": "external", "summary": "865511", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865511" }, { "category": "external", "summary": "865514", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865514" }, { "category": "external", "summary": "865519", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865519" }, { "category": "external", "summary": "865531", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865531" }, { "category": "external", "summary": "865541", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865541" }, { "category": "external", "summary": "865568", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865568" }, { "category": "external", "summary": "867185", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=867185" }, { "category": "external", "summary": "867186", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=867186" }, { "category": "external", "summary": "867187", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=867187" }, { "category": "external", "summary": "867189", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=867189" }, { "category": "external", "summary": "867190", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=867190" }, { "category": "external", "summary": "867192", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=867192" }, { "category": "external", "summary": "867193", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=867193" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2012/rhsa-2012_1391.json" } ], "title": "Red Hat Security Advisory: java-1.7.0-oracle security update", "tracking": { "current_release_date": "2024-11-05T17:53:00+00:00", "generator": { "date": "2024-11-05T17:53:00+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2012:1391", "initial_release_date": "2012-10-18T16:41:00+00:00", "revision_history": [ { "date": "2012-10-18T16:41:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2012-10-18T16:44:09+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T17:53:00+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "product": { "name": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "product_id": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.9-1jpp.3.el6_3?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "product": { "name": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "product_id": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.9-1jpp.3.el6_3?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "product": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "product_id": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.9-1jpp.3.el6_3?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "product": { "name": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "product_id": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.9-1jpp.3.el6_3?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "product": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "product_id": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.9-1jpp.3.el6_3?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "product": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.9-1jpp.3.el6_3?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "product": { "name": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "product_id": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.9-1jpp.3.el6_3?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "product": { "name": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "product_id": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.9-1jpp.3.el6_3?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "product": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "product_id": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.9-1jpp.3.el6_3?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "product": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.9-1jpp.3.el6_3?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "product": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "product_id": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.9-1jpp.3.el6_3?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "product": { "name": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "product_id": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.9-1jpp.3.el6_3?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.3.z" } ] }, "vulnerabilities": [ { "cve": "CVE-2012-1531", "discovery_date": "2012-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "867185" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability (2D)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-1531" }, { "category": "external", "summary": "RHBZ#867185", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=867185" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-1531", "url": "https://www.cve.org/CVERecord?id=CVE-2012-1531" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-1531", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1531" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability (2D)" }, { "cve": "CVE-2012-1532", "discovery_date": "2012-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "867186" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier and 6 Update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-1532" }, { "category": "external", "summary": "RHBZ#867186", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=867186" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-1532", "url": "https://www.cve.org/CVERecord?id=CVE-2012-1532" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-1532", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1532" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability (Deployment)" }, { "cve": "CVE-2012-1533", "discovery_date": "2012-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "867187" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-3159.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-1533" }, { "category": "external", "summary": "RHBZ#867187", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=867187" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-1533", "url": "https://www.cve.org/CVERecord?id=CVE-2012-1533" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-1533", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1533" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability (Deployment)" }, { "cve": "CVE-2012-3143", "discovery_date": "2012-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "867189" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than CVE-2012-5089.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability (JMX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-3143" }, { "category": "external", "summary": "RHBZ#867189", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=867189" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-3143", "url": "https://www.cve.org/CVERecord?id=CVE-2012-3143" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3143", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3143" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability (JMX)" }, { "cve": "CVE-2012-3159", "discovery_date": "2012-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "867190" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1533.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-3159" }, { "category": "external", "summary": "RHBZ#867190", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=867190" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-3159", "url": "https://www.cve.org/CVERecord?id=CVE-2012-3159" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3159", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3159" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: unspecified vulnerability (Deployment)" }, { "cve": "CVE-2012-3216", "discovery_date": "2012-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "865346" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: java.io.FilePermission information leak (Libraries, 6631398)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-3216" }, { "category": "external", "summary": "RHBZ#865346", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865346" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-3216", "url": "https://www.cve.org/CVERecord?id=CVE-2012-3216" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-3216", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-3216" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: java.io.FilePermission information leak (Libraries, 6631398)" }, { "cve": "CVE-2012-4416", "discovery_date": "2012-09-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "856124" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Hotspot.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: uninitialized Array JVM memory disclosure (Hotspot, 7198606)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-4416" }, { "category": "external", "summary": "RHBZ#856124", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=856124" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-4416", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4416" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-4416", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4416" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-09-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: uninitialized Array JVM memory disclosure (Hotspot, 7198606)" }, { "cve": "CVE-2012-5067", "discovery_date": "2012-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "867192" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5067" }, { "category": "external", "summary": "RHBZ#867192", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=867192" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5067", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5067" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5067", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5067" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability (Deployment)" }, { "cve": "CVE-2012-5068", "discovery_date": "2012-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "865348" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: RhinoScriptEngine security bypass (Scripting, 7143535)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5068" }, { "category": "external", "summary": "RHBZ#865348", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865348" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5068", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5068" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5068", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5068" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: RhinoScriptEngine security bypass (Scripting, 7143535)" }, { "cve": "CVE-2012-5069", "discovery_date": "2012-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "865531" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Concurrency.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Executors state handling issues (Concurrency, 7189103)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5069" }, { "category": "external", "summary": "RHBZ#865531", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865531" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5069", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5069" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5069", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5069" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: Executors state handling issues (Concurrency, 7189103)" }, { "cve": "CVE-2012-5070", "discovery_date": "2012-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "865350" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, related to JMX.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: EnvHelp information disclosure (JMX, 7158796)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5070" }, { "category": "external", "summary": "RHBZ#865350", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865350" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5070", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5070" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5070", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5070" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: EnvHelp information disclosure (JMX, 7158796)" }, { "cve": "CVE-2012-5071", "discovery_date": "2012-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "865519" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5071" }, { "category": "external", "summary": "RHBZ#865519", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865519" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5071", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5071" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5071", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5071" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: DescriptorSupport insufficient package access checks (JMX, 7192975)" }, { "cve": "CVE-2012-5072", "discovery_date": "2012-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "865365" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality via unknown vectors related to Security.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: AccessController.doPrivilegedWithCombiner() information disclosure (Security, 7172522)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5072" }, { "category": "external", "summary": "RHBZ#865365", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865365" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5072", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5072" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5072", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5072" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: AccessController.doPrivilegedWithCombiner() information disclosure (Security, 7172522)" }, { "cve": "CVE-2012-5073", "discovery_date": "2012-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "865357" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries, a different vulnerability than CVE-2012-5079.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: LogManager security bypass (Libraries, 7169884)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5073" }, { "category": "external", "summary": "RHBZ#865357", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865357" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5073", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5073" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5073", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5073" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: LogManager security bypass (Libraries, 7169884)" }, { "cve": "CVE-2012-5074", "discovery_date": "2012-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "865359" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality and integrity, related to JAX-WS.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7169887)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5074" }, { "category": "external", "summary": "RHBZ#865359", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865359" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5074", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5074" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5074", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5074" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7169887)" }, { "cve": "CVE-2012-5075", "discovery_date": "2012-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "865363" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5075" }, { "category": "external", "summary": "RHBZ#865363", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865363" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5075", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5075" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5075", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5075" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: RMIConnectionImpl information disclosure (JMX, 7169888)" }, { "cve": "CVE-2012-5076", "discovery_date": "2012-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "865352" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JAX-WS.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7163198)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5076" }, { "category": "external", "summary": "RHBZ#865352", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865352" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5076", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5076" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5076", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5076" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "exploit_status", "date": "2022-03-28T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: com.sun.org.glassfish.* not restricted packages (JAX-WS, 7163198)" }, { "cve": "CVE-2012-5077", "discovery_date": "2012-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "865354" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Security.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: SecureRandom mulitple seeders information disclosure (Security, 7167656)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5077" }, { "category": "external", "summary": "RHBZ#865354", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865354" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5077", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5077" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5077", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5077" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: SecureRandom mulitple seeders information disclosure (Security, 7167656)" }, { "cve": "CVE-2012-5079", "discovery_date": "2012-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "865568" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries, a different vulnerability than CVE-2012-5073.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5079" }, { "category": "external", "summary": "RHBZ#865568", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865568" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5079", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5079" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5079", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5079" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: ServiceLoader reject not subtype classes without instantiating (Libraries, 7195919)" }, { "cve": "CVE-2012-5081", "discovery_date": "2012-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "865370" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: JSSE denial of service (JSSE, 7186286)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5081" }, { "category": "external", "summary": "RHBZ#865370", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865370" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5081", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5081" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5081", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5081" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: JSSE denial of service (JSSE, 7186286)" }, { "cve": "CVE-2012-5083", "discovery_date": "2012-10-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "867193" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, 1.4.2_38 and earlier, and JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability (2D)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5083" }, { "category": "external", "summary": "RHBZ#867193", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=867193" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5083", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5083" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5083", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5083" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability (2D)" }, { "cve": "CVE-2012-5084", "discovery_date": "2012-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "865511" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5084" }, { "category": "external", "summary": "RHBZ#865511", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865511" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5084", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5084" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5084", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5084" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: DefaultFormatter insufficient data validation (Swing, 7195194)" }, { "cve": "CVE-2012-5085", "discovery_date": "2012-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "865541" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote authenticated users to have an unspecified impact via unknown vectors related to Networking. NOTE: the Oracle CPU states that this issue has a 0.0 CVSS score. If so, then this is not a vulnerability and this issue should not be included in CVE.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: disable Gopher support by default (Gopher, 7189567)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5085" }, { "category": "external", "summary": "RHBZ#865541", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865541" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5085", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5085" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5085", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5085" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 0.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:N", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: disable Gopher support by default (Gopher, 7189567)" }, { "cve": "CVE-2012-5086", "discovery_date": "2012-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "865428" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: XMLDecoder sandbox restriction bypass (Beans, 7195917)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5086" }, { "category": "external", "summary": "RHBZ#865428", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865428" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5086", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5086" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5086", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5086" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: XMLDecoder sandbox restriction bypass (Beans, 7195917)" }, { "cve": "CVE-2012-5087", "discovery_date": "2012-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "865434" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: PropertyElementHandler insufficient access checks (Beans, 7195549)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5087" }, { "category": "external", "summary": "RHBZ#865434", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865434" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5087", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5087" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5087", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5087" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: PropertyElementHandler insufficient access checks (Beans, 7195549)" }, { "cve": "CVE-2012-5088", "discovery_date": "2012-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "865471" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: MethodHandle insufficient access control checks (Libraries, 7196190)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5088" }, { "category": "external", "summary": "RHBZ#865471", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865471" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5088", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5088" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5088", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5088" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: MethodHandle insufficient access control checks (Libraries, 7196190)" }, { "cve": "CVE-2012-5089", "discovery_date": "2012-10-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "865514" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than CVE-2012-3143.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2012-5089" }, { "category": "external", "summary": "RHBZ#865514", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865514" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2012-5089", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5089" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-5089", "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-5089" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html" } ], "release_date": "2012-10-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2012-10-18T16:41:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2012:1391" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Client-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6ComputeNode-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Server-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-devel-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-javafx-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-jdbc-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-plugin-1:1.7.0.9-1jpp.3.el6_3.x86_64", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.i686", "6Workstation-Supplementary-6.3.z:java-1.7.0-oracle-src-1:1.7.0.9-1jpp.3.el6_3.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: RMIConnectionImpl insufficient access control checks (JMX, 7198296)" } ] }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.