var-201302-0020
Vulnerability from variot
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scripting. Java 7 Update 11, Java 6 Update 38, and earlier versions of Java contain vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. (DoS) An attack may be carried out. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists due to insufficient checks during deserialization in the NativeJavaConstructor class that is part of the Rhino JavaScript Engine. This allows for the construction of otherwise privileged objects which can lead to remote code execution under the context of the current user. Note: This issue was previously discussed in BID 57670 (Oracle Java Runtime Environment Multiple Security Vulnerabilities) but has been given its own record to better document it. This vulnerability affects the following supported versions: 7 Update 11, 6 Update 38. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03714148
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03714148 Version: 1
HPSBUX02857 SSRT101103 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2013-03-25 Last Updated: 2013-03-22
Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities?
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other exploits. HP-UX B.11.23, and B.11.31 running HP JDK and JRE v7.0.04 and earlier
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2012-1541 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3213 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3342 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0169 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2013-0351 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2013-0409 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-0419 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-0423 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-0424 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-0425 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0426 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0427 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-0428 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0429 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-0431 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-0432 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2013-0433 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-0434 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-0435 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-0437 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0438 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2013-0440 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-0441 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0442 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0443 (AV:N/AC:H/Au:N/C:P/I:P/A:N) 4.0 CVE-2013-0444 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-0445 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0446 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0449 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-0450 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0809 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1473 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-1475 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1476 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1478 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1480 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1484 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1485 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-1486 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1487 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1489 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1493 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrade to resolve these vulnerabilities. The upgrade is available from the following location
http://www.hp.com/java
HP-UX B.11.23, B.11.31 JDK and JRE v7.0.05 or subsequent
MANUAL ACTIONS: Yes - Update For Java v7.0 update to Java v7.0.05 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.23 HP-UX B.11.31 =========== Jdk70.JDK70-COM Jdk70.JDK70-DEMO Jdk70.JDK70-IPF32 Jdk70.JDK70-IPF64 Jre70.JRE70-COM Jre70.JRE70-IPF32 Jre70.JRE70-IPF32-HS Jre70.JRE70-IPF64 Jre70.JRE70-IPF64-HS action: install revision 1.7.0.04.00 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 25 March 2013 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Download and install the updates from The HP Software Support Online (SSO). -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: java-1.6.0-sun security update Advisory ID: RHSA-2013:0236-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0236.html Issue date: 2013-02-04 CVE Names: CVE-2012-1541 CVE-2012-3213 CVE-2012-3342 CVE-2013-0351 CVE-2013-0409 CVE-2013-0419 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0430 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0446 CVE-2013-0450 CVE-2013-1473 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1481 =====================================================================
- Summary:
Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- (CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446, CVE-2013-0450, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480, CVE-2013-1481)
All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide Oracle Java 6 Update 39. All running instances of Oracle Java must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
859140 - CVE-2013-0440 OpenJDK: CPU consumption DoS via repeated SSL ClientHello packets (JSSE, 7192393) 860652 - CVE-2013-1475 OpenJDK: IIOP type reuse sandbox bypass (CORBA, 8000540, SE-2012-01 Issue 50) 906813 - CVE-2013-0424 OpenJDK: RMI CGIHandler XSS issue (RMI, 6563318) 906892 - CVE-2013-0435 OpenJDK: com.sun.xml.internal.* not restricted packages (JAX-WS, 7201068) 906894 - CVE-2013-1478 OpenJDK: image parser insufficient raster parameter checks (2D, 8001972) 906899 - CVE-2013-0442 OpenJDK: insufficient privilege checking issue (AWT, 7192977) 906900 - CVE-2013-0445 OpenJDK: insufficient privilege checking issue (AWT, 8001057) 906904 - CVE-2013-1480 OpenJDK: image parser insufficient raster parameter checks (AWT, 8002325) 906911 - CVE-2013-0450 OpenJDK: RequiredModelMBean missing access control context checks (JMX, 8000537) 906914 - CVE-2012-1541 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906916 - CVE-2013-0446 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906917 - CVE-2012-3342 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906918 - CVE-2013-0419 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906921 - CVE-2013-0423 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906923 - CVE-2013-0351 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906930 - CVE-2013-0430 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Install) 906933 - CVE-2013-1473 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906935 - CVE-2013-0438 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 907207 - CVE-2013-0428 OpenJDK: reflection API incorrect checks for proxy classes (Libraries, 7197546, SE-2012-01 Issue 29) 907219 - CVE-2013-0432 OpenJDK: insufficient clipboard access premission checks (AWT, 7186952) 907223 - CVE-2012-3213 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Scripting) 907224 - CVE-2013-1481 Oracle JDK: unspecified vulnerability fixed in 6u39 (Sound) 907226 - CVE-2013-0409 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (JMX) 907340 - CVE-2013-0443 OpenJDK: insufficient Diffie-Hellman public key checks (JSSE, 7192392) 907344 - CVE-2013-0425 OpenJDK: logging insufficient access control checks (Libraries, 6664509) 907346 - CVE-2013-0426 OpenJDK: logging insufficient access control checks (Libraries, 6664528) 907453 - CVE-2013-0434 OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235) 907455 - CVE-2013-0427 OpenJDK: invalid threads subject to interrupts (Libraries, 6776941) 907456 - CVE-2013-0433 OpenJDK: InetSocketAddress serialization issue (Networking, 7201071) 907457 - CVE-2013-1476 OpenJDK: missing ValueHandlerImpl class constructor access restriction (CORBA, 8000631) 907458 - CVE-2013-0441 OpenJDK: missing serialization restriction (CORBA, 7201066) 907460 - CVE-2013-0429 OpenJDK: PresentationManager incorrectly shared (CORBA, 7141694)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm
x86_64: java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm
x86_64: java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm
x86_64: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm
x86_64: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm
x86_64: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-1541.html https://www.redhat.com/security/data/cve/CVE-2012-3213.html https://www.redhat.com/security/data/cve/CVE-2012-3342.html https://www.redhat.com/security/data/cve/CVE-2013-0351.html https://www.redhat.com/security/data/cve/CVE-2013-0409.html https://www.redhat.com/security/data/cve/CVE-2013-0419.html https://www.redhat.com/security/data/cve/CVE-2013-0423.html https://www.redhat.com/security/data/cve/CVE-2013-0424.html https://www.redhat.com/security/data/cve/CVE-2013-0425.html https://www.redhat.com/security/data/cve/CVE-2013-0426.html https://www.redhat.com/security/data/cve/CVE-2013-0427.html https://www.redhat.com/security/data/cve/CVE-2013-0428.html https://www.redhat.com/security/data/cve/CVE-2013-0429.html https://www.redhat.com/security/data/cve/CVE-2013-0430.html https://www.redhat.com/security/data/cve/CVE-2013-0432.html https://www.redhat.com/security/data/cve/CVE-2013-0433.html https://www.redhat.com/security/data/cve/CVE-2013-0434.html https://www.redhat.com/security/data/cve/CVE-2013-0435.html https://www.redhat.com/security/data/cve/CVE-2013-0438.html https://www.redhat.com/security/data/cve/CVE-2013-0440.html https://www.redhat.com/security/data/cve/CVE-2013-0441.html https://www.redhat.com/security/data/cve/CVE-2013-0442.html https://www.redhat.com/security/data/cve/CVE-2013-0443.html https://www.redhat.com/security/data/cve/CVE-2013-0445.html https://www.redhat.com/security/data/cve/CVE-2013-0446.html https://www.redhat.com/security/data/cve/CVE-2013-0450.html https://www.redhat.com/security/data/cve/CVE-2013-1473.html https://www.redhat.com/security/data/cve/CVE-2013-1475.html https://www.redhat.com/security/data/cve/CVE-2013-1476.html https://www.redhat.com/security/data/cve/CVE-2013-1478.html https://www.redhat.com/security/data/cve/CVE-2013-1480.html https://www.redhat.com/security/data/cve/CVE-2013-1481.html https://access.redhat.com/security/updates/classification/#critical http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFREE7WXlSAg2UNWIIRAuWTAJ4g2iIk0XnUEpbIXz6nDgDjaHxz7ACbBcjy gqkoqFew2BZDYA/n817qYO8= =m5pJ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Oracle Java Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA52064
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52064/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52064
RELEASE DATE: 2013-02-02
DISCUSS ADVISORY: http://secunia.com/advisories/52064/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/52064/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=52064
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Oracle Java, which can be exploited by malicious local users to gain escalated privileges and by malicious people to disclose certain sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
1) An unspecified error in the 2D component of the client and server deployment can be exploited to potentially execute arbitrary code.
2) An unspecified error in the 2D component of the client and server deployment can be exploited to potentially execute arbitrary code.
5) An unspecified error in the AWT component of the client and server deployment can be exploited to potentially execute arbitrary code.
23) An unspecified error in the Deployment component of the client deployment can be exploited to disclose and manipulate certain data and cause a DoS.
24) An unspecified error in the Install component of the client deployment can be exploited by a local user to gain escalated privileges.
25) An unspecified error in the AWT component of the client deployment can be exploited to disclose and manipulate certain data.
26) An unspecified error in the Deployment component of the client deployment can be exploited to disclose certain data.
27) An unspecified error in the Deployment component of the client deployment can be exploited to manipulate certain data.
28) An unspecified error in the JAX-WS component of the client deployment can be exploited to disclose certain data.
29) An unspecified error in the JAXP component of the client deployment can be exploited to disclose certain data.
30) An unspecified error in the JMX component of the client deployment can be exploited to disclose certain data.
31) An unspecified error in the JMX component of the client deployment can be exploited to disclose certain data.
32) An unspecified error in the Libraries component of the client deployment can be exploited to manipulate certain data.
33) An unspecified error in the Libraries component of the client deployment can be exploited to manipulate certain data.
34) An unspecified error in the Networking component of the client deployment can be exploited to manipulate certain data.
35) An unspecified error in the RMI component of the client deployment can be exploited to manipulate certain data.
36) An unspecified error in the JSSE component of the server deployment can be exploited via SSL/TLS to cause a DoS.
37) An unspecified error in the Deployment component of the client deployment can be exploited to disclose certain data.
38) An unspecified error in the JSSE component of the client deployment can be exploited via SSL/TLS to disclose and manipulate certain data.
The vulnerabilities are reported in the following products: * JDK and JRE 7 Update 11 and earlier. * JDK and JRE 6 Update 38 and earlier. * JDK and JRE 5.0 Update 38 and earlier. * SDK and JRE 1.4.2_40 and earlier.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: One of the vulnerabilities is reported as a 0-day. It is currently unclear who reported the remaining vulnerabilities as the Oracle Jave SE Critical Patch Update for February 2013 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information.
ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html http://www.oracle.com/technetwork/topics/security/javacpufeb2013verbose-1841196.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201302-0020", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "jdk", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "1.7.0" }, { "model": "jdk", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "1.6.0" }, { "model": "jre", "scope": "eq", "trust": 1.0, "vendor": "sun", "version": "1.6.0" }, { "model": "jre", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "1.7.0" }, { "model": "jre", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "1.6.0" }, { "model": "jdk", "scope": "eq", "trust": 1.0, "vendor": "sun", "version": "1.6.0" }, { "model": "jre 1.6.0 03", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 17", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.7.0 8", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 30", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 18", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 1.6.0 35", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 22", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 05", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.6.0 28", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 14", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.6.0 21", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 1.6.0 20", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 1.6.0 32", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 38", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 25", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 07", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.6.0 35", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 18", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 1.6.0 27", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 19", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 1.7.0 10", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 03", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 17", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.7.0 2", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 10", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.7.0 8", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.7.0 2", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 14", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 04", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.7.0 10", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 04", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.6.0 25", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 37", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 27", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.7.0 11", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 15", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 1.6.0 30", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 12", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.7.0 7", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.7" }, { "model": "jre 1.6.0 02", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.6.0 23", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 01", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 1.7.0 4", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.7.0 9", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 06", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.6.0 19", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 1.7.0 9", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 38", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 15", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 07", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.7.0 11", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 28", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 23", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 11", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 13", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.7.0 7", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 32", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 02", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 05", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.7.0 4", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 26", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 26", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 21", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 1.6.0 24", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 06", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 11", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 10", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk", "scope": "eq", "trust": 0.9, "vendor": "oracle", "version": "1.7" }, { "model": "jdk 1.6.0 22", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 24", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 13", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": null, "scope": null, "trust": 0.8, "vendor": "apple", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "oracle", "version": null }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.6.8" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.7 and later" }, { "model": "mac os x", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.8 and later" }, { "model": "mac os x server", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.6.8" }, { "model": "mac os x server", "scope": "eq", "trust": 0.8, "vendor": "apple", "version": "v10.7 and later" }, { "model": "jdk", "scope": "lte", "trust": 0.8, "vendor": "oracle", "version": "6 update 38" }, { "model": "jdk", "scope": "lte", "trust": 0.8, "vendor": "oracle", "version": "7 update 11" }, { "model": "jre", "scope": "lte", "trust": 0.8, "vendor": "oracle", "version": "6 update 38" }, { "model": "jre", "scope": "lte", "trust": 0.8, "vendor": "oracle", "version": "7 update 11" }, { "model": "jdk", "scope": "lte", "trust": 0.8, "vendor": "sun microsystems", "version": "6 update 21" }, { "model": "jre", "scope": "lte", "trust": 0.8, "vendor": "sun microsystems", "version": "6 update 21" }, { "model": "java runtime", "scope": null, "trust": 0.7, "vendor": "oracle", "version": null }, { "model": "jdk 01-b06", "scope": "eq", "trust": 0.6, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.6.0 2", "scope": null, "trust": 0.6, "vendor": "sun", "version": null }, { "model": "jdk 1.6.0 01", "scope": null, "trust": 0.6, "vendor": "sun", "version": null }, { "model": "jre 1.6.0 20", "scope": null, "trust": 0.6, "vendor": "sun", "version": null }, { "model": "linux enterprise software development kit sp2", "scope": "eq", "trust": 0.6, "vendor": "suse", "version": "11" }, { "model": "java se sr13", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "6" }, { "model": "meeting exchange web conferencing server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "-6.0" }, { "model": "java sdk sr14", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5" }, { "model": "websphere mq", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5.0.1" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "websphere mq", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "network satellite (for rhel", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6)5.5" }, { "model": "trio tview software", "scope": "eq", "trust": 0.3, "vendor": "schneider electric", "version": "3.27.0" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1.1" }, { "model": "cms r15", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "nonstop server h06.16.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "tivoli netcool/omnibus", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3.1" }, { "model": "nonstop server h06.19.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.3" }, { "model": "java sdk sr15", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5" }, { "model": "voice portal sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.10" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.7" }, { "model": "jdk 01", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.6" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2.1" }, { "model": "maximo asset management essentials", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "nonstop server j06.08.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "cms r16.3", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "nonstop server h06.15.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "meeting exchange client registration server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "-6.0" }, { "model": "voice portal sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "trio tview software", "scope": "ne", "trust": 0.3, "vendor": "schneider electric", "version": "3.29.0" }, { "model": "nonstop server j06.06.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.1" }, { "model": "nonstop server j06.14", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "call management system r16.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "java se sr2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7" }, { "model": "websphere cast iron cloud integration", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.3" }, { "model": "java sdk sr4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0.1" }, { "model": "nonstop server j06.09.03", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.26", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2.3" }, { "model": "nonstop server j06.04.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2.6" }, { "model": "tivoli business service manager", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "6.1.10" }, { "model": "network satellite (for rhel", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5)5.5" }, { "model": "service manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.11" }, { "model": "java se sr5", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "6.0.1" }, { "model": "nonstop server j06.13", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "aura communication manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.10" }, { "model": "linux enterprise server sp4", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "tivoli endpoint manager for remote control", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.2.1" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "nonstop server j06.09.04", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "linux enterprise server sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.2" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1.5" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.10" }, { "model": "aura application server sip core", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "53002.0" }, { "model": "websphere mq", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.0.2" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "call management system r16.2", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "ip office application server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "8.0" }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "nonstop server h06.18.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "java sdk sr3", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0.1" }, { "model": "nonstop server j06.15.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.22.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "websphere cast iron cloud integration physical applian", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2.1" }, { "model": "nonstop server j06.12.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "ir", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "java se sr4", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.4" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "tivoli system automation for integrated operations management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "nonstop server j06.05.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server j06.08.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server j06.09.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "maximo asset management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "websphere message broker", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.0.11" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "nonstop server j06.16", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "java sdk sr3", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7" }, { "model": "websphere operational decision management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5.0.0" }, { "model": "nonstop server j6.0.14.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "rational host on-demand", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "11.0.7" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.3" }, { "model": "freeflow print server 73.c0.41", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "tivoli netcool/omnibus", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.1" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.2.2" }, { "model": "enterprise linux desktop supplementary", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.3" }, { "model": "enterprise linux supplementary server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.0.1" }, { "model": "voice portal sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "linux enterprise server sp3 ltss", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "websphere cast iron cloud integration live saas offeri", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3" }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2.2" }, { "model": "websphere mq", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "voice portal sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "java sdk sr13", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "6" }, { "model": "smart analytics system", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "56009.7" }, { "model": "java sdk sr1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7" }, { "model": "interactive service manager web tier", "scope": "eq", "trust": 0.3, "vendor": "mercury", "version": "9.30" }, { "model": "java sdk sr4", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2.4" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0" }, { "model": "nonstop server j06.07.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "java sdk sr5", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "6.0.1" }, { "model": "nonstop server j06.09.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server j06.10.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "service manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "9.31" }, { "model": "nonstop server j06.06.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2.3" }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "nonstop server h06.24.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.2" }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.5" }, { "model": "nonstop server h06.25", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "websphere ilog jrules", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1" }, { "model": "nonstop server h06.15.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "conferencing standard edition", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "cms r17", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "voice portal sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "java se sr11", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6" }, { "model": "voice portal sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "call management system r", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "15" }, { "model": "interactive service manager web tier", "scope": "eq", "trust": 0.3, "vendor": "mercury", "version": "7.11" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2" }, { "model": "linux lts amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "websphere cast iron cloud integration", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0" }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "hp-ux b.11.11", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "tivoli remote control", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5.1.2" }, { "model": "websphere cast iron cloud integration virtual applianc", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6" }, { "model": "nonstop server j06.07.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "linux enterprise server for vmware sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1.1" }, { "model": "nonstop server j06.08.04", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server j06.08.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "aura system manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "linux enterprise server sp1 for vmware lt", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "java se sr1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7" }, { "model": "aura communication manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.3" }, { "model": "aura session manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "nonstop server h06.15.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.24", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "ip office server edition", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "8.1" }, { "model": "nonstop server h06.16.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.18.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.20.03", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.2" }, { "model": "call management system r16.3", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "freeflow print server 73.c5.11", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "voice portal sp3", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "enterprise linux server supplementary", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "tivoli endpoint manager for remote control", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.2.3" }, { "model": "nonstop server j06.13.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.1" }, { "model": "nonstop server h06.23", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "tivoli system automation for integrated operations management", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "2.1.1.4" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.3" }, { "model": "tivoli business service manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.2" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2.3" }, { "model": "meeting exchange streaming server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "-6.0" }, { "model": "nonstop server h06.19.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1" }, { "model": "call management system r", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "16" }, { "model": "java sdk sr2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.2" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2.5" }, { "model": "communication server 1000m", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.3" }, { "model": "enterprise linux workstation supplementary", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "servicecenter web tier", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2.8" }, { "model": "nonstop server h06.22.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.8" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.2" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.2" }, { "model": "tivoli netcool/omnibus", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3" }, { "model": "communication server 1000m signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "meeting exchange recording server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "-6.0" }, { "model": "communication server 1000e", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.2.2" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.2.1" }, { "model": "nonstop server h06.19.03", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "interactive service manager web tier", "scope": "eq", "trust": 0.3, "vendor": "mercury", "version": "9.31" }, { "model": "websphere message broker", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0.0.5" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.2" }, { "model": "maximo asset management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2" }, { "model": "maximo asset management essentials", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1.1" }, { "model": "linux lts i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.2.1" }, { "model": "nonstop server j06.11.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1" }, { "model": "nonstop server j06.15", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "tivoli business service manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.1" }, { "model": "aura experience portal sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "nonstop server h06.21.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "tivoli business service manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.2.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.8" }, { "model": "nonstop server h06.20.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura presence services sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura presence services sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura system manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "websphere operational decision management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1" }, { "model": "aura system manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "hp-ux b.11.31", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2.1" }, { "model": "communication server 1000m signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.4" }, { "model": "nonstop server j06.05.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "communication server 1000e", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "nonstop server j06.07.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2.2" }, { "model": "nonstop server h06.21.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "nonstop server h06.19.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.5" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1.4" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2.2" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1.2" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.10" }, { "model": "aura session manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1" }, { "model": "nonstop server j06.11.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.26.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "linux enterprise server sp1 ltss", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "ip office application server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "8.1" }, { "model": "messaging application server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "linux enterprise java sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1.2" }, { "model": "nonstop server j06.04.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "websphere cast iron cloud integration studio", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3" }, { "model": "aura conferencing sp1 standard", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1.3" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "nonstop server j06.04.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server j06.06.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.0.1" }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.8" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "nonstop server h06.21.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "aura application server sip core", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "53003.0" }, { "model": "nonstop server j06.06.03", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2.4" }, { "model": "nonstop server h06.17.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.1" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1" }, { "model": "aura experience portal sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.5" }, { "model": "communication server 1000e signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.3" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "cms r16", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "aura system manager sp3", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.2" }, { "model": "jdk 1.6.0 01-b06", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "aura conferencing", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "nonstop server h06.20.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "conferencing standard edition", "scope": "ne", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "meeting exchange webportal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "-6.0" }, { "model": "nonstop server j06.10.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "websphere message broker", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.2" }, { "model": "nonstop server h06.17.03", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "enterprise linux hpc node supplementary", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux desktop supplementary client", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "maximo asset management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.2" }, { "model": "nonstop server h06.16.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.4" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "communication server 1000e signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.5" }, { "model": "aura communication manager utility services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.0.9.8" }, { "model": "tivoli business service manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "nonstop server j06.05.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.7" }, { "model": "linux enterprise java sp4", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1" }, { "model": "rational host on-demand", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "11.0" }, { "model": "java se sr12", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6" }, { "model": "nonstop server h06.20.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "service manager p2", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "9.31.2004" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5" }, { "model": "websphere mq", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.11" }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.0" }, { "model": "communication server 1000m", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.5" }, { "model": "communication server 1000e signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "nonstop server j06.09.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0.1" }, { "model": "tivoli netcool/omnibus", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.4" }, { "model": "nonstop server h06.17.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server j06.08.03", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "aura conferencing standard", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "nonstop server j06.10.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "communication server 1000m signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.5" }, { "model": "nonstop server h06.25.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.18.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura application server sip core", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "53002.1" }, { "model": "communication server 1000e", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.5" }, { "model": "nonstop server h06.27", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.17.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "service manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "9.30" }, { "model": "nonstop server j06.14.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "communication server 1000m", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" } ], "sources": [ { "db": "CERT/CC", "id": "VU#858729" }, { "db": "ZDI", "id": "ZDI-13-011" }, { "db": "BID", "id": "57717" }, { "db": "JVNDB", "id": "JVNDB-2013-001363" }, { "db": "NVD", "id": "CVE-2012-3213" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update35:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update38:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update37:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2012-3213" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "James Forshaw (tyranid)", "sources": [ { "db": "ZDI", "id": "ZDI-13-011" } ], "trust": 0.7 }, "cve": "CVE-2012-3213", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 10.0, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2012-3213", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2012-3213", "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "HIGH", "trust": 0.7, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2012-3213", "trust": 1.8, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2012-3213", "trust": 0.7, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-13-011" }, { "db": "JVNDB", "id": "JVNDB-2013-001363" }, { "db": "NVD", "id": "CVE-2012-3213" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scripting. Java 7 Update 11, Java 6 Update 38, and earlier versions of Java contain vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. (DoS) An attack may be carried out. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists due to insufficient checks during deserialization in the NativeJavaConstructor class that is part of the Rhino JavaScript Engine. This allows for the construction of otherwise privileged objects which can lead to remote code execution under the context of the current user. \nNote: This issue was previously discussed in BID 57670 (Oracle Java Runtime Environment Multiple Security Vulnerabilities) but has been given its own record to better document it. \nThis vulnerability affects the following supported versions:\n7 Update 11, 6 Update 38. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20566.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c03714148\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c03714148\nVersion: 1\n\nHPSBUX02857 SSRT101103 rev.1 - HP-UX Running Java, Remote Unauthorized\nAccess, Disclosure of Information, and Other Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2013-03-25\nLast Updated: 2013-03-22\n\nPotential Security Impact: Remote unauthorized access, disclosure of\ninformation, and other vulnerabilities?\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nPotential security vulnerabilities have been identified in Java Runtime\nEnvironment (JRE) and Java Developer Kit (JDK) running on HP-UX. These\nvulnerabilities could allow remote unauthorized access, disclosure of\ninformation, and other exploits. \nHP-UX B.11.23, and B.11.31 running HP JDK and JRE v7.0.04 and earlier\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2012-1541 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-3213 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-3342 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-0169 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6\nCVE-2013-0351 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2013-0409 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-0419 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2013-0423 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2013-0424 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-0425 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-0426 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-0427 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-0428 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-0429 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2013-0431 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-0432 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2013-0433 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-0434 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-0435 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-0437 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-0438 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2013-0440 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2013-0441 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-0442 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-0443 (AV:N/AC:H/Au:N/C:P/I:P/A:N) 4.0\nCVE-2013-0444 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2013-0445 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-0446 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-0449 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-0450 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-0809 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1473 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-1475 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1476 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1478 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1480 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1484 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1485 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-1486 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1487 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1489 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1493 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following Java version upgrade to resolve these\nvulnerabilities. \nThe upgrade is available from the following location\n\nhttp://www.hp.com/java\n\nHP-UX B.11.23, B.11.31\n JDK and JRE v7.0.05 or subsequent\n\nMANUAL ACTIONS: Yes - Update\nFor Java v7.0 update to Java v7.0.05 or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.23\nHP-UX B.11.31\n===========\nJdk70.JDK70-COM\nJdk70.JDK70-DEMO\nJdk70.JDK70-IPF32\nJdk70.JDK70-IPF64\nJre70.JRE70-COM\nJre70.JRE70-IPF32\nJre70.JRE70-IPF32-HS\nJre70.JRE70-IPF64\nJre70.JRE70-IPF64-HS\naction: install revision 1.7.0.04.00 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 25 March 2013 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin List: A list of HP Security Bulletins, updated\nperiodically, is contained in HP Security Notice HPSN-2011-001:\nhttps://h20566.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c02964430\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttp://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2013 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits;damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. \nDownload and install the updates from The HP Software Support Online (SSO). -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: java-1.6.0-sun security update\nAdvisory ID: RHSA-2013:0236-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0236.html\nIssue date: 2013-02-04\nCVE Names: CVE-2012-1541 CVE-2012-3213 CVE-2012-3342 \n CVE-2013-0351 CVE-2013-0409 CVE-2013-0419 \n CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 \n CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 \n CVE-2013-0429 CVE-2013-0430 CVE-2013-0432 \n CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 \n CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 \n CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 \n CVE-2013-0446 CVE-2013-0450 CVE-2013-1473 \n CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 \n CVE-2013-1480 CVE-2013-1481 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.6.0-sun packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. \n(CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0409,\nCVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426,\nCVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0432,\nCVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440,\nCVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446,\nCVE-2013-0450, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478,\nCVE-2013-1480, CVE-2013-1481)\n\nAll users of java-1.6.0-sun are advised to upgrade to these updated\npackages, which provide Oracle Java 6 Update 39. All running instances of\nOracle Java must be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n859140 - CVE-2013-0440 OpenJDK: CPU consumption DoS via repeated SSL ClientHello packets (JSSE, 7192393)\n860652 - CVE-2013-1475 OpenJDK: IIOP type reuse sandbox bypass (CORBA, 8000540, SE-2012-01 Issue 50)\n906813 - CVE-2013-0424 OpenJDK: RMI CGIHandler XSS issue (RMI, 6563318)\n906892 - CVE-2013-0435 OpenJDK: com.sun.xml.internal.* not restricted packages (JAX-WS, 7201068)\n906894 - CVE-2013-1478 OpenJDK: image parser insufficient raster parameter checks (2D, 8001972)\n906899 - CVE-2013-0442 OpenJDK: insufficient privilege checking issue (AWT, 7192977)\n906900 - CVE-2013-0445 OpenJDK: insufficient privilege checking issue (AWT, 8001057)\n906904 - CVE-2013-1480 OpenJDK: image parser insufficient raster parameter checks (AWT, 8002325)\n906911 - CVE-2013-0450 OpenJDK: RequiredModelMBean missing access control context checks (JMX, 8000537)\n906914 - CVE-2012-1541 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906916 - CVE-2013-0446 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906917 - CVE-2012-3342 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906918 - CVE-2013-0419 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906921 - CVE-2013-0423 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906923 - CVE-2013-0351 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906930 - CVE-2013-0430 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Install)\n906933 - CVE-2013-1473 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906935 - CVE-2013-0438 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n907207 - CVE-2013-0428 OpenJDK: reflection API incorrect checks for proxy classes (Libraries, 7197546, SE-2012-01 Issue 29)\n907219 - CVE-2013-0432 OpenJDK: insufficient clipboard access premission checks (AWT, 7186952)\n907223 - CVE-2012-3213 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Scripting)\n907224 - CVE-2013-1481 Oracle JDK: unspecified vulnerability fixed in 6u39 (Sound)\n907226 - CVE-2013-0409 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (JMX)\n907340 - CVE-2013-0443 OpenJDK: insufficient Diffie-Hellman public key checks (JSSE, 7192392)\n907344 - CVE-2013-0425 OpenJDK: logging insufficient access control checks (Libraries, 6664509)\n907346 - CVE-2013-0426 OpenJDK: logging insufficient access control checks (Libraries, 6664528)\n907453 - CVE-2013-0434 OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)\n907455 - CVE-2013-0427 OpenJDK: invalid threads subject to interrupts (Libraries, 6776941)\n907456 - CVE-2013-0433 OpenJDK: InetSocketAddress serialization issue (Networking, 7201071)\n907457 - CVE-2013-1476 OpenJDK: missing ValueHandlerImpl class constructor access restriction (CORBA, 8000631)\n907458 - CVE-2013-0441 OpenJDK: missing serialization restriction (CORBA, 7201066)\n907460 - CVE-2013-0429 OpenJDK: PresentationManager incorrectly shared (CORBA, 7141694)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\njava-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\njava-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Supplementary (v. 6):\n\nx86_64:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-1541.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-3213.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-3342.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0351.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0409.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0419.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0423.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0424.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0425.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0426.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0427.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0428.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0429.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0430.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0432.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0433.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0434.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0435.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0438.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0440.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0441.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0442.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0443.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0445.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0446.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0450.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1473.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1475.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1476.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1478.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1480.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1481.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFREE7WXlSAg2UNWIIRAuWTAJ4g2iIk0XnUEpbIXz6nDgDjaHxz7ACbBcjy\ngqkoqFew2BZDYA/n817qYO8=\n=m5pJ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nOracle Java Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52064\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52064/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52064\n\nRELEASE DATE:\n2013-02-02\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52064/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52064/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52064\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Oracle Java, which can\nbe exploited by malicious local users to gain escalated privileges and\nby malicious people to disclose certain sensitive information,\nmanipulate certain data, cause a DoS (Denial of Service), and\ncompromise a vulnerable system. \n\n1) An unspecified error in the 2D component of the client and server\ndeployment can be exploited to potentially execute arbitrary code. \n\n2) An unspecified error in the 2D component of the client and server\ndeployment can be exploited to potentially execute arbitrary code. \n\n5) An unspecified error in the AWT component of the client and server\ndeployment can be exploited to potentially execute arbitrary code. \n\n23) An unspecified error in the Deployment component of the client\ndeployment can be exploited to disclose and manipulate certain data\nand cause a DoS. \n\n24) An unspecified error in the Install component of the client\ndeployment can be exploited by a local user to gain escalated\nprivileges. \n\n25) An unspecified error in the AWT component of the client\ndeployment can be exploited to disclose and manipulate certain data. \n\n26) An unspecified error in the Deployment component of the client\ndeployment can be exploited to disclose certain data. \n\n27) An unspecified error in the Deployment component of the client\ndeployment can be exploited to manipulate certain data. \n\n28) An unspecified error in the JAX-WS component of the client\ndeployment can be exploited to disclose certain data. \n\n29) An unspecified error in the JAXP component of the client\ndeployment can be exploited to disclose certain data. \n\n30) An unspecified error in the JMX component of the client\ndeployment can be exploited to disclose certain data. \n\n31) An unspecified error in the JMX component of the client\ndeployment can be exploited to disclose certain data. \n\n32) An unspecified error in the Libraries component of the client\ndeployment can be exploited to manipulate certain data. \n\n33) An unspecified error in the Libraries component of the client\ndeployment can be exploited to manipulate certain data. \n\n34) An unspecified error in the Networking component of the client\ndeployment can be exploited to manipulate certain data. \n\n35) An unspecified error in the RMI component of the client\ndeployment can be exploited to manipulate certain data. \n\n36) An unspecified error in the JSSE component of the server\ndeployment can be exploited via SSL/TLS to cause a DoS. \n\n37) An unspecified error in the Deployment component of the client\ndeployment can be exploited to disclose certain data. \n\n38) An unspecified error in the JSSE component of the client\ndeployment can be exploited via SSL/TLS to disclose and manipulate\ncertain data. \n\nThe vulnerabilities are reported in the following products:\n* JDK and JRE 7 Update 11 and earlier. \n* JDK and JRE 6 Update 38 and earlier. \n* JDK and JRE 5.0 Update 38 and earlier. \n* SDK and JRE 1.4.2_40 and earlier. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nOne of the vulnerabilities is reported as a 0-day. It is currently\nunclear who reported the remaining vulnerabilities as the Oracle Jave\nSE Critical Patch Update for February 2013 only provides a bundled\nlist of credits. This section will be updated when/if the original\nreporter provides more information. \n\nORIGINAL ADVISORY:\nhttp://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html\nhttp://www.oracle.com/technetwork/topics/security/javacpufeb2013verbose-1841196.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2012-3213" }, { "db": "CERT/CC", "id": "VU#858729" }, { "db": "JVNDB", "id": "JVNDB-2013-001363" }, { "db": "ZDI", "id": "ZDI-13-011" }, { "db": "BID", "id": "57717" }, { "db": "PACKETSTORM", "id": "120971" }, { "db": "PACKETSTORM", "id": "120739" }, { "db": "PACKETSTORM", "id": "123874" }, { "db": "PACKETSTORM", "id": "120735" }, { "db": "PACKETSTORM", "id": "121464" }, { "db": "PACKETSTORM", "id": "120030" }, { "db": "PACKETSTORM", "id": "120009" } ], "trust": 3.87 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-3213", "trust": 3.4 }, { "db": "CERT/CC", "id": "VU#858729", "trust": 2.9 }, { "db": "USCERT", "id": "TA13-032A", "trust": 1.8 }, { "db": "BID", "id": "57717", "trust": 1.3 }, { "db": "ZDI", "id": "ZDI-13-011", "trust": 1.0 }, { "db": "JVNDB", "id": "JVNDB-2013-001363", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-1587", "trust": 0.7 }, { "db": "ICS CERT", "id": "ICSA-17-213-02", "trust": 0.3 }, { "db": "PACKETSTORM", "id": "120971", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "120739", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "123874", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "120735", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "121464", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "120030", "trust": 0.1 }, { "db": "SECUNIA", "id": "52064", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "120009", "trust": 0.1 } ], "sources": [ { "db": "CERT/CC", "id": "VU#858729" }, { "db": "ZDI", "id": "ZDI-13-011" }, { "db": "BID", "id": "57717" }, { "db": "JVNDB", "id": "JVNDB-2013-001363" }, { "db": "PACKETSTORM", "id": "120971" }, { "db": "PACKETSTORM", "id": "120739" }, { "db": "PACKETSTORM", "id": "123874" }, { "db": "PACKETSTORM", "id": "120735" }, { "db": "PACKETSTORM", "id": "121464" }, { "db": "PACKETSTORM", "id": "120030" }, { "db": "PACKETSTORM", "id": "120009" }, { "db": "NVD", "id": "CVE-2012-3213" } ] }, "id": "VAR-201302-0020", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 1.0 }, "last_update_date": "2024-07-04T22:30:20.317000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Oracle Java SE Critical Patch Update Advisory - February 2013", "trust": 1.5, "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html" }, { "title": "HT5647", "trust": 0.8, "url": "http://support.apple.com/kb/ht5647" }, { "title": "HT5666", "trust": 0.8, "url": "http://support.apple.com/kb/ht5666" }, { "title": "HT5666", "trust": 0.8, "url": "http://support.apple.com/kb/ht5666?viewlocale=ja_jp" }, { "title": "HPSBUX02864 SSRT101156", "trust": 0.8, "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c03725347" }, { "title": "HPSBMU02874 SSRT101184", "trust": 0.8, "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c03748879" }, { "title": "HPSBUX02857 SSRT101103", "trust": 0.8, "url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c03714148" }, { "title": "Text Form of Oracle Java SE Critical Patch Update - February 2013 Risk Matrices", "trust": 0.8, "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013verbose-1841196.html" }, { "title": "RHSA-2013:1455", "trust": 0.8, "url": "http://rhn.redhat.com/errata/rhsa-2013-1455.html" }, { "title": "RHSA-2013:1456", "trust": 0.8, "url": "http://rhn.redhat.com/errata/rhsa-2013-1456.html" }, { "title": "RHSA-2013:0236", "trust": 0.8, "url": "http://rhn.redhat.com/errata/rhsa-2013-0236.html" }, { "title": "RHSA-2013:0237", "trust": 0.8, "url": "http://rhn.redhat.com/errata/rhsa-2013-0237.html" }, { "title": "February 2013 Critical Patch Update for Java SE Released", "trust": 0.8, "url": "https://blogs.oracle.com/security/entry/february_2013_critical_patch_update" }, { "title": "Oracle Corporation Java\u30d7\u30e9\u30b0\u30a4\u30f3\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b", "trust": 0.8, "url": "http://www.fmworld.net/biz/common/oracle/20130204.html" } ], "sources": [ { "db": "ZDI", "id": "ZDI-13-011" }, { "db": "JVNDB", "id": "JVNDB-2013-001363" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2012-3213" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.0, "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html" }, { "trust": 2.1, "url": "http://www.kb.cert.org/vuls/id/858729" }, { "trust": 1.8, "url": "http://www.us-cert.gov/cas/techalerts/ta13-032a.html" }, { "trust": 1.1, "url": "http://rhn.redhat.com/errata/rhsa-2013-0236.html" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2" }, { "trust": 1.0, "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2" }, { "trust": 1.0, "url": "http://rhn.redhat.com/errata/rhsa-2013-0237.html" }, { "trust": 1.0, "url": "http://rhn.redhat.com/errata/rhsa-2013-1455.html" }, { "trust": 1.0, "url": "http://rhn.redhat.com/errata/rhsa-2013-1456.html" }, { "trust": 1.0, "url": "http://www.securityfocus.com/bid/57717" }, { "trust": 1.0, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16512" }, { "trust": 1.0, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19119" }, { "trust": 1.0, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19464" }, { "trust": 0.9, "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013verbose-1841196.html" }, { "trust": 0.8, "url": "http://taosecurity.blogspot.com/2012/11/do-devs-care-about-java-insecurity.html?showcomment=1353874245992#c4794680666510382012" }, { "trust": 0.8, "url": "http://codeascraft.etsy.com/2013/03/18/java-not-even-once/" }, { "trust": 0.8, "url": "http://blogs.technet.com/b/srd/archive/2013/05/29/java-when-you-cannot-let-go.aspx" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3213" }, { "trust": 0.8, "url": "http://www.ipa.go.jp/security/ciadr/vul/20130204-jre.html" }, { "trust": 0.8, "url": "https://www.jpcert.or.jp/at/2013/at130007.txt" }, { "trust": 0.8, "url": "http://jvn.jp/cert/jvnta13-032a" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3213" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3342" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0428" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0351" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0433" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0435" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0409" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0419" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0438" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1541" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3213" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0434" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0432" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0426" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0440" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0427" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0423" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0425" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0424" }, { "trust": 0.5, "url": "http://www.ibm.com/developerworks/java/jdk/alerts/" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0429" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0437" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0442" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0446" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0441" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0443" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0431" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0445" }, { "trust": 0.3, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03748879" }, { "trust": 0.3, "url": "http://www.oracle.com/technetwork/java/index.html" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644918" }, { "trust": 0.3, "url": "http://www.xerox.com/download/security/security-bulletin/1683f-4d960e4b16bb2/cert_xrx13-004_v1.01.pdf" }, { "trust": 0.3, "url": "http://www.zerodayinitiative.com/advisories/zdi-13-011/" }, { "trust": 0.3, "url": "http://support.apple.com/kb/ht5666" }, { "trust": 0.3, "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-213-02" }, { "trust": 0.3, "url": "http://prod.lists.apple.com/archives/security-announce/2013/feb/msg00000.html" }, { "trust": 0.3, "url": "https://downloads.avaya.com/css/p8/documents/100171276" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21650623" }, { "trust": 0.3, "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03748879" }, { "trust": 0.3, "url": "http://h20565.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?docid=emr_na-c03909126-1\u0026ac.admitted=1378134276525.876444892.492883150" }, { "trust": 0.3, "url": "" }, { "trust": 0.3, "url": "http://h20566.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?javax.portlet.endcachetok=com.vignette.cachetoken\u0026javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalsta" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643544" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034507" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21634069" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635160" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21650822" }, { "trust": 0.3, "url": "https://downloads.avaya.com/css/p8/documents/100169783" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633170" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635864" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21643697" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642358" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21628927" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21628250" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643618" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643513" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24033920" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24033922" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24031555" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034621" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633669" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0169" }, { "trust": 0.3, "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0440.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2012-3213.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0427.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-1476.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0433.html" }, { "trust": 0.3, "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0445.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0432.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0446.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0428.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-1480.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2012-3342.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0425.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0442.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0450.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0419.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0424.html" }, { "trust": 0.3, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.3, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0409.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2012-1541.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-1473.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0423.html" }, { "trust": 0.3, "url": "https://access.redhat.com/knowledge/articles/11258" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0443.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0438.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-1478.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0435.html" }, { "trust": 0.3, "url": "https://access.redhat.com/security/team/key/#package" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0434.html" }, { "trust": 0.3, "url": "http://bugzilla.redhat.com/):" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0351.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0441.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0426.html" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0430" }, { "trust": 0.2, "url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0444" }, { "trust": 0.2, "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2013-1493.html" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0450" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2013-1481.html" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1473" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2013-1486.html" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2013-0809.html" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2013-1487.html" }, { "trust": 0.2, "url": "http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00424" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0436" }, { "trust": 0.2, "url": "http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00422" }, { "trust": 0.2, "url": "http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00426" }, { "trust": 0.2, "url": "http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00420" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4301" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1543" }, { "trust": 0.2, "url": "http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00421" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4305" }, { "trust": 0.2, "url": "http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00423" }, { "trust": 0.2, "url": "http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00419" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0439" }, { "trust": 0.2, "url": "http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00425" }, { "trust": 0.1, "url": "http://www.hp.com/java" }, { "trust": 0.1, "url": "https://www.hp.com/go/swa" }, { "trust": 0.1, "url": "https://rhn.redhat.com/errata/rhsa-2013-0625.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0809" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1478" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1476" }, { "trust": 0.1, "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsm_00486" }, { "trust": 0.1, "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsm_00488" }, { "trust": 0.1, "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsm_00489" }, { "trust": 0.1, "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsm_00484" }, { "trust": 0.1, "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsm_00482" }, { "trust": 0.1, "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsm_00483" }, { "trust": 0.1, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/" }, { "trust": 0.1, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/" }, { "trust": 0.1, "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsm_00487" }, { "trust": 0.1, "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsm_00485" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-0431.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-0437.html" }, { "trust": 0.1, "url": "https://rhn.redhat.com/errata/rhsa-2013-0626.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-0444.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0422" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-0422.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-1484.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-3174.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-1485.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3174" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-0449.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-0430.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-1475.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1475" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-0429.html" }, { "trust": 0.1, "url": "http://secunia.com/advisories/52064/#comments" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52064" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/52064/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/blog/325/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" } ], "sources": [ { "db": "CERT/CC", "id": "VU#858729" }, { "db": "ZDI", "id": "ZDI-13-011" }, { "db": "BID", "id": "57717" }, { "db": "JVNDB", "id": "JVNDB-2013-001363" }, { "db": "PACKETSTORM", "id": "120971" }, { "db": "PACKETSTORM", "id": "120739" }, { "db": "PACKETSTORM", "id": "123874" }, { "db": "PACKETSTORM", "id": "120735" }, { "db": "PACKETSTORM", "id": "121464" }, { "db": "PACKETSTORM", "id": "120030" }, { "db": "PACKETSTORM", "id": "120009" }, { "db": "NVD", "id": "CVE-2012-3213" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CERT/CC", "id": "VU#858729" }, { "db": "ZDI", "id": "ZDI-13-011" }, { "db": "BID", "id": "57717" }, { "db": "JVNDB", "id": "JVNDB-2013-001363" }, { "db": "PACKETSTORM", "id": "120971" }, { "db": "PACKETSTORM", "id": "120739" }, { "db": "PACKETSTORM", "id": "123874" }, { "db": "PACKETSTORM", "id": "120735" }, { "db": "PACKETSTORM", "id": "121464" }, { "db": "PACKETSTORM", "id": "120030" }, { "db": "PACKETSTORM", "id": "120009" }, { "db": "NVD", "id": "CVE-2012-3213" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-02-01T00:00:00", "db": "CERT/CC", "id": "VU#858729" }, { "date": "2013-02-11T00:00:00", "db": "ZDI", "id": "ZDI-13-011" }, { "date": "2013-02-01T00:00:00", "db": "BID", "id": "57717" }, { "date": "2013-02-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-001363" }, { "date": "2013-03-27T14:12:55", "db": "PACKETSTORM", "id": "120971" }, { "date": "2013-03-11T22:52:28", "db": "PACKETSTORM", "id": "120739" }, { "date": "2013-11-01T13:37:00", "db": "PACKETSTORM", "id": "123874" }, { "date": "2013-03-11T22:51:48", "db": "PACKETSTORM", "id": "120735" }, { "date": "2013-04-30T21:07:53", "db": "PACKETSTORM", "id": "121464" }, { "date": "2013-02-05T01:09:08", "db": "PACKETSTORM", "id": "120030" }, { "date": "2013-02-04T10:48:27", "db": "PACKETSTORM", "id": "120009" }, { "date": "2013-02-02T00:55:01.177000", "db": "NVD", "id": "CVE-2012-3213" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-06-14T00:00:00", "db": "CERT/CC", "id": "VU#858729" }, { "date": "2013-02-11T00:00:00", "db": "ZDI", "id": "ZDI-13-011" }, { "date": "2017-08-03T11:09:00", "db": "BID", "id": "57717" }, { "date": "2013-11-15T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-001363" }, { "date": "2022-05-13T14:52:52.767000", "db": "NVD", "id": "CVE-2012-3213" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "network", "sources": [ { "db": "BID", "id": "57717" } ], "trust": 0.3 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Oracle Java contains multiple vulnerabilities", "sources": [ { "db": "CERT/CC", "id": "VU#858729" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Unknown", "sources": [ { "db": "BID", "id": "57717" } ], "trust": 0.3 } }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.