Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2012-5083

Summary
Assigner-oracle
Assigner Org ID-43595867-4340-4103-b7a2-9a5208d29a85
Published At-16 Oct, 2012 | 21:29
Updated At-06 Aug, 2024 | 20:58
Rejected At-
Credits

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, 1.4.2_38 and earlier, and JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:oracle
Assigner Org ID:43595867-4340-4103-b7a2-9a5208d29a85
Published At:16 Oct, 2012 | 21:29
Updated At:06 Aug, 2024 | 20:58
Rejected At:
â–¼CVE Numbering Authority (CNA)

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, 1.4.2_38 and earlier, and JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/51313
third-party-advisory
x_refsource_SECUNIA
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html
vendor-advisory
x_refsource_SUSE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16544
vdb-entry
signature
x_refsource_OVAL
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html
x_refsource_CONFIRM
http://www.securityfocus.com/bid/56025
vdb-entry
x_refsource_BID
http://rhn.redhat.com/errata/RHSA-2012-1466.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/51315
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/51438
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/51141
third-party-advisory
x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=135758563611658&w=2
vendor-advisory
x_refsource_HP
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00011.html
vendor-advisory
x_refsource_SUSE
http://www-01.ibm.com/support/docview.wss?uid=swg21621154
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/79412
vdb-entry
x_refsource_XF
http://rhn.redhat.com/errata/RHSA-2013-1455.html
vendor-advisory
x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2012-1391.html
vendor-advisory
x_refsource_REDHAT
http://www-01.ibm.com/support/docview.wss?uid=swg21620037
x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=135758563611658&w=2
vendor-advisory
x_refsource_HP
http://secunia.com/advisories/51390
third-party-advisory
x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2012-1392.html
vendor-advisory
x_refsource_REDHAT
http://www-01.ibm.com/support/docview.wss?uid=swg21631786
x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html
vendor-advisory
x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html
vendor-advisory
x_refsource_SUSE
http://www-01.ibm.com/support/docview.wss?uid=swg21616490
x_refsource_CONFIRM
http://secunia.com/advisories/51327
third-party-advisory
x_refsource_SECUNIA
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2012-1467.html
vendor-advisory
x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2012-1465.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/51328
third-party-advisory
x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=135542848327757&w=2
vendor-advisory
x_refsource_HP
http://rhn.redhat.com/errata/RHSA-2013-1456.html
vendor-advisory
x_refsource_REDHAT
http://secunia.com/advisories/51393
third-party-advisory
x_refsource_SECUNIA
http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
x_refsource_CONFIRM
http://secunia.com/advisories/51326
third-party-advisory
x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
vendor-advisory
x_refsource_MANDRIVA
http://www-01.ibm.com/support/docview.wss?uid=swg21625794
x_refsource_CONFIRM
http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=135542848327757&w=2
vendor-advisory
x_refsource_HP
Hyperlink: http://secunia.com/advisories/51313
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16544
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/56025
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1466.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/51315
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/51438
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/51141
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://marc.info/?l=bugtraq&m=135758563611658&w=2
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00011.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21621154
Resource:
x_refsource_CONFIRM
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/79412
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1455.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1391.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21620037
Resource:
x_refsource_CONFIRM
Hyperlink: http://marc.info/?l=bugtraq&m=135758563611658&w=2
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://secunia.com/advisories/51390
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1392.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21631786
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616490
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/51327
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1467.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1465.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/51328
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://marc.info/?l=bugtraq&m=135542848327757&w=2
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1456.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://secunia.com/advisories/51393
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/51326
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21625794
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
Resource:
x_refsource_CONFIRM
Hyperlink: http://marc.info/?l=bugtraq&m=135542848327757&w=2
Resource:
vendor-advisory
x_refsource_HP
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://secunia.com/advisories/51313
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html
vendor-advisory
x_refsource_SUSE
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16544
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/56025
vdb-entry
x_refsource_BID
x_transferred
http://rhn.redhat.com/errata/RHSA-2012-1466.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/51315
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/51438
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/51141
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://marc.info/?l=bugtraq&m=135758563611658&w=2
vendor-advisory
x_refsource_HP
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00011.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www-01.ibm.com/support/docview.wss?uid=swg21621154
x_refsource_CONFIRM
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/79412
vdb-entry
x_refsource_XF
x_transferred
http://rhn.redhat.com/errata/RHSA-2013-1455.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://rhn.redhat.com/errata/RHSA-2012-1391.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www-01.ibm.com/support/docview.wss?uid=swg21620037
x_refsource_CONFIRM
x_transferred
http://marc.info/?l=bugtraq&m=135758563611658&w=2
vendor-advisory
x_refsource_HP
x_transferred
http://secunia.com/advisories/51390
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://rhn.redhat.com/errata/RHSA-2012-1392.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www-01.ibm.com/support/docview.wss?uid=swg21631786
x_refsource_CONFIRM
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www-01.ibm.com/support/docview.wss?uid=swg21616490
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/51327
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
x_refsource_CONFIRM
x_transferred
http://rhn.redhat.com/errata/RHSA-2012-1467.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://rhn.redhat.com/errata/RHSA-2012-1465.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/51328
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://marc.info/?l=bugtraq&m=135542848327757&w=2
vendor-advisory
x_refsource_HP
x_transferred
http://rhn.redhat.com/errata/RHSA-2013-1456.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://secunia.com/advisories/51393
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/51326
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://www-01.ibm.com/support/docview.wss?uid=swg21625794
x_refsource_CONFIRM
x_transferred
http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
x_refsource_CONFIRM
x_transferred
http://marc.info/?l=bugtraq&m=135542848327757&w=2
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://secunia.com/advisories/51313
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16544
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/56025
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1466.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/51315
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/51438
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/51141
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=135758563611658&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00011.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21621154
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/79412
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1455.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1391.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21620037
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=135758563611658&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://secunia.com/advisories/51390
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1392.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21631786
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616490
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/51327
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1467.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1465.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/51328
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=135542848327757&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1456.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://secunia.com/advisories/51393
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/51326
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21625794
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=135542848327757&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert_us@oracle.com
Published At:16 Oct, 2012 | 21:55
Updated At:11 Apr, 2025 | 00:51

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, 1.4.2_38 and earlier, and JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Oracle Corporation
oracle
>>javafx>>Versions up to 2.2(inclusive)
cpe:2.3:a:oracle:javafx:*:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>javafx>>1.2
cpe:2.3:a:oracle:javafx:1.2:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>javafx>>1.2.2
cpe:2.3:a:oracle:javafx:1.2.2:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>javafx>>1.2.3
cpe:2.3:a:oracle:javafx:1.2.3:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>javafx>>1.3.0
cpe:2.3:a:oracle:javafx:1.3.0:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>javafx>>1.3.1
cpe:2.3:a:oracle:javafx:1.3.1:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>javafx>>2.0
cpe:2.3:a:oracle:javafx:2.0:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>javafx>>2.0.2
cpe:2.3:a:oracle:javafx:2.0.2:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>javafx>>2.0.3
cpe:2.3:a:oracle:javafx:2.0.3:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>javafx>>2.1
cpe:2.3:a:oracle:javafx:2.1:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>Versions up to 1.7.0(inclusive)
cpe:2.3:a:oracle:jdk:*:update7:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>Versions up to 1.7.0(inclusive)
cpe:2.3:a:oracle:jre:*:update7:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.7.0
cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>Versions up to 1.6.0(inclusive)
cpe:2.3:a:oracle:jdk:*:update35:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.6.0
cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.6.0
cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.6.0
cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.6.0
cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.6.0
cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.6.0
cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.6.0
cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.6.0
cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.6.0
cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.6.0
cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.6.0
cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*
Oracle Corporation
oracle
>>jdk>>1.6.0
cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>Versions up to 1.6.0(inclusive)
cpe:2.3:a:oracle:jre:*:update35:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*
Oracle Corporation
oracle
>>jre>>1.6.0
cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Per: http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html "Applies to client and server deployment of Java. This vulnerability can be exploited through untrusted Java Web Start applications and untrusted Java applets. It can also be exploited by supplying data to APIs in the specified Component without using untrusted Java Web Start applications or untrusted Java applets, such as through a web service."

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.htmlsecalert_us@oracle.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.htmlsecalert_us@oracle.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00011.htmlsecalert_us@oracle.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.htmlsecalert_us@oracle.com
N/A
http://marc.info/?l=bugtraq&m=135542848327757&w=2secalert_us@oracle.com
N/A
http://marc.info/?l=bugtraq&m=135542848327757&w=2secalert_us@oracle.com
N/A
http://marc.info/?l=bugtraq&m=135758563611658&w=2secalert_us@oracle.com
N/A
http://marc.info/?l=bugtraq&m=135758563611658&w=2secalert_us@oracle.com
N/A
http://rhn.redhat.com/errata/RHSA-2012-1391.htmlsecalert_us@oracle.com
N/A
http://rhn.redhat.com/errata/RHSA-2012-1392.htmlsecalert_us@oracle.com
N/A
http://rhn.redhat.com/errata/RHSA-2012-1465.htmlsecalert_us@oracle.com
N/A
http://rhn.redhat.com/errata/RHSA-2012-1466.htmlsecalert_us@oracle.com
N/A
http://rhn.redhat.com/errata/RHSA-2012-1467.htmlsecalert_us@oracle.com
N/A
http://rhn.redhat.com/errata/RHSA-2013-1455.htmlsecalert_us@oracle.com
N/A
http://rhn.redhat.com/errata/RHSA-2013-1456.htmlsecalert_us@oracle.com
N/A
http://secunia.com/advisories/51141secalert_us@oracle.com
N/A
http://secunia.com/advisories/51313secalert_us@oracle.com
N/A
http://secunia.com/advisories/51315secalert_us@oracle.com
N/A
http://secunia.com/advisories/51326secalert_us@oracle.com
N/A
http://secunia.com/advisories/51327secalert_us@oracle.com
N/A
http://secunia.com/advisories/51328secalert_us@oracle.com
N/A
http://secunia.com/advisories/51390secalert_us@oracle.com
N/A
http://secunia.com/advisories/51393secalert_us@oracle.com
N/A
http://secunia.com/advisories/51438secalert_us@oracle.com
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21616490secalert_us@oracle.com
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21620037secalert_us@oracle.com
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21621154secalert_us@oracle.com
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21625794secalert_us@oracle.com
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21631786secalert_us@oracle.com
N/A
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.htmlsecalert_us@oracle.com
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150secalert_us@oracle.com
N/A
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.htmlsecalert_us@oracle.com
N/A
http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.htmlsecalert_us@oracle.com
Patch
Vendor Advisory
http://www.securityfocus.com/bid/56025secalert_us@oracle.com
N/A
http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdfsecalert_us@oracle.com
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/79412secalert_us@oracle.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16544secalert_us@oracle.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00011.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=135542848327757&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=135542848327757&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=135758563611658&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=135758563611658&w=2af854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2012-1391.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2012-1392.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2012-1465.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2012-1466.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2012-1467.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2013-1455.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://rhn.redhat.com/errata/RHSA-2013-1456.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/51141af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/51313af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/51315af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/51326af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/51327af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/51328af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/51390af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/51393af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/51438af854a3a-2127-422b-91ae-364da2661108
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21616490af854a3a-2127-422b-91ae-364da2661108
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21620037af854a3a-2127-422b-91ae-364da2661108
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21621154af854a3a-2127-422b-91ae-364da2661108
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21625794af854a3a-2127-422b-91ae-364da2661108
N/A
http://www-01.ibm.com/support/docview.wss?uid=swg21631786af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.securityfocus.com/bid/56025af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdfaf854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/79412af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16544af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00011.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=135542848327757&w=2
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=135542848327757&w=2
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=135758563611658&w=2
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=135758563611658&w=2
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1391.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1392.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1465.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1466.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1467.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1455.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1456.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/51141
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/51313
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/51315
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/51326
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/51327
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/51328
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/51390
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/51393
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/51438
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616490
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21620037
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21621154
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21625794
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21631786
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
Source: secalert_us@oracle.com
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/56025
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/79412
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16544
Source: secalert_us@oracle.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00011.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=135542848327757&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=135542848327757&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=135758563611658&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=135758563611658&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1391.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1392.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1465.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1466.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2012-1467.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1455.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-1456.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/51141
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/51313
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/51315
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/51326
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/51327
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/51328
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/51390
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/51393
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/51438
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21616490
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21620037
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21621154
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21625794
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www-01.ibm.com/support/docview.wss?uid=swg21631786
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/56025
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/79412
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16544
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

600Records found
CVE-2003-0694
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-76.08% / 98.89%
||
7 Day CHG~0.00%
Published-18 Sep, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

Action-Not Available
Vendor-compaqsendmailturbolinuxn/aNetBSDGentoo Foundation, Inc.Silicon Graphics, Inc.IBM CorporationFreeBSD FoundationApple Inc.Sun Microsystems (Oracle Corporation)HP Inc.
Product-sendmailtru64netbsdadvanced_message_serveraixirixturbolinux_workstationmac_os_xlinuxhp-uxsendmail_switchsolaristurbolinux_servermac_os_x_serversunosfreebsdturbolinux_advanced_serversendmail_pron/a
CVE-2003-0196
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-6.78% / 91.11%
||
7 Day CHG~0.00%
Published-15 Apr, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.

Action-Not Available
Vendor-samba-tngcompaqn/aSambaSun Microsystems (Oracle Corporation)HP Inc.
Product-tru64hp-uxsolarissamba-tngsambasunoscifs-9000_servern/a
CVE-2003-0466
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-90.83% / 99.61%
||
7 Day CHG~0.00%
Published-01 Aug, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.

Action-Not Available
Vendor-wuftpdn/aNetBSDOpenBSDRed Hat, Inc.FreeBSD FoundationApple Inc.Sun Microsystems (Oracle Corporation)
Product-netbsdopenbsdwu_ftpdsolarismac_os_x_serverfreebsdmac_os_xwu-ftpdn/a
CWE ID-CWE-193
Off-by-one Error
CVE-2003-0201
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-83.96% / 99.27%
||
7 Day CHG+3.45%
Published-15 Apr, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.

Action-Not Available
Vendor-samba-tngcompaqn/aApple Inc.SambaSun Microsystems (Oracle Corporation)HP Inc.
Product-tru64hp-uxsolarissamba-tngsambasunoscifs-9000_servermac_os_xn/a
CVE-2012-4301
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.96% / 89.43%
||
7 Day CHG~0.00%
Published-02 Feb, 2013 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from a third party that this issue allows remote attackers to execute arbitrary code via an "invalid type case" in the init method of the D3DShader class in the com.sun.prism.d3d package. CPU.

Action-Not Available
Vendor-n/aOracle Corporation
Product-javafxn/a
CVE-2012-3136
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-1.03% / 76.90%
||
7 Day CHG~0.00%
Published-30 Aug, 2012 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-1682.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jdkjren/a
CVE-2005-3449
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.63% / 81.52%
||
7 Day CHG~0.00%
Published-02 Nov, 2005 | 11:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in Oracle Application Server 9.0 up to 10.1.2.0 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) AS02 in Containers for J2EE, (2) AS07 in Internet Directory, (3) AS09 in Report Server, and (4) AS11 in Web Cache.

Action-Not Available
Vendor-n/aOracle Corporation
Product-application_servern/a
CVE-2012-3342
Matching Score-8
Assigner-IBM Corporation
ShareView Details
Matching Score-8
Assigner-IBM Corporation
CVSS Score-10||HIGH
EPSS-4.87% / 89.33%
||
7 Day CHG-3.66%
Published-02 Feb, 2013 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2012-3143
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-12.62% / 93.80%
||
7 Day CHG~0.00%
Published-16 Oct, 2012 | 21:29
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than CVE-2012-5089.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2010-0071
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-12.52% / 93.77%
||
7 Day CHG~0.00%
Published-13 Jan, 2010 | 01:00
Updated-07 Aug, 2024 | 00:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Action-Not Available
Vendor-n/aOracle Corporation
Product-database_servern/a
CVE-2012-3135
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-2.63% / 85.36%
||
7 Day CHG~0.00%
Published-17 Jul, 2012 | 22:39
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.3 and before, and 27.7.2 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Action-Not Available
Vendor-n/aOracle Corporation
Product-fusion_middlewaren/a
CVE-2012-3174
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-1.41% / 80.16%
||
7 Day CHG~0.00%
Published-14 Jan, 2013 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle Java 7 before Update 11 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-0422. NOTE: some parties have mapped CVE-2012-3174 to an issue involving recursive use of the Reflection API, but that issue is already covered as part of CVE-2013-0422. This identifier is for a different vulnerability whose details are not public as of 20130114.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jdkjren/a
CVE-2012-1541
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-9.54% / 92.67%
||
7 Day CHG~0.00%
Published-02 Feb, 2013 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from a third party that the issue is due to an interaction error in between the JRE plug-in for WebKit-based browsers and the Javascript engine, which allows remote attackers to execute arbitrary code by modifying DOM nodes that contain applet elements in a way that triggers an incorrect reference count and a use after free.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2012-3213
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-10.13% / 92.94%
||
7 Day CHG~0.00%
Published-02 Feb, 2013 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Oracle Corporation
Product-jrejdkn/a
CVE-2012-3202
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-3.52% / 87.36%
||
7 Day CHG~0.00%
Published-17 Oct, 2012 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in the Oracle JRockit component in Oracle Fusion Middleware 28.2.4 and earlier, and 27.7.3 and earlier, when using JDK/JRE 5 or 6, allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this overlaps CVE-2012-5083, CVE-2012-1531, CVE-2012-5081, and CVE-2012-5085.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jrockitjdkjren/a
CVE-2012-2750
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-10||HIGH
EPSS-1.80% / 82.45%
||
7 Day CHG~0.00%
Published-17 Aug, 2012 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in MySQL 5.5.x before 5.5.23 has unknown impact and attack vectors related to a "Security Fix", aka Bug #59533. NOTE: this might be a duplicate of CVE-2012-1689, but as of 20120816, Oracle has not commented on this possibility.

Action-Not Available
Vendor-n/aOracle CorporationMariaDB FoundationDebian GNU/Linux
Product-debian_linuxmariadbmysqln/a
CVE-2012-1531
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-9.28% / 92.56%
||
7 Day CHG~0.00%
Published-16 Oct, 2012 | 21:29
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-javafxjdkjren/a
CVE-2012-1532
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-10.01% / 92.89%
||
7 Day CHG~0.00%
Published-16 Oct, 2012 | 21:29
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier and 6 Update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2012-1723
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-93.98% / 99.89%
||
7 Day CHG~0.00%
Published-16 Jun, 2012 | 21:00
Updated-22 Oct, 2025 | 01:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

Action-Not Available
Vendor-n/aRed Hat, Inc.Oracle Corporation
Product-jdkicedtea6jreenterprise_linux_serverenterprise_linux_eusenterprise_linux_server_ausenterprise_linux_desktopenterprise_linux_workstationn/aJava SE
CWE ID-CWE-284
Improper Access Control
CVE-2012-1721
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-3.01% / 86.28%
||
7 Day CHG~0.00%
Published-16 Jun, 2012 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1722.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jdkjren/a
CVE-2012-1713
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-6.43% / 90.84%
||
7 Day CHG~0.00%
Published-16 Jun, 2012 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-javafxjdkjren/a
CVE-2012-1682
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-2.93% / 86.11%
||
7 Day CHG~0.00%
Published-30 Aug, 2012 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder."

Action-Not Available
Vendor-n/aOracle Corporation
Product-jdkjren/a
CVE-2012-1716
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-4.84% / 89.30%
||
7 Day CHG~0.00%
Published-16 Jun, 2012 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2012-1695
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-6.8||MEDIUM
EPSS-1.44% / 80.43%
||
7 Day CHG~0.00%
Published-03 May, 2012 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware 28.2.2 and earlier, and JDK/JRE 5 and 6 27.7.1 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-fusion_middlewarejdkjren/a
CVE-2012-1533
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-66.16% / 98.47%
||
7 Day CHG~0.00%
Published-16 Oct, 2012 | 21:29
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-3159.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2012-1712
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-0.68% / 71.09%
||
7 Day CHG~0.00%
Published-21 Dec, 2012 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in the Liferay component in Oracle Sun GlassFish Web Space Server before 10.0 Update 7 Patch 2 has unknown impact and attack vectors.

Action-Not Available
Vendor-n/aOracle Corporation
Product-glassfish_web_space_server10.0n/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2012-1725
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-4.84% / 89.30%
||
7 Day CHG~0.00%
Published-16 Jun, 2012 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, and 5 update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2012-1722
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-3.01% / 86.28%
||
7 Day CHG~0.00%
Published-16 Jun, 2012 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1721.

Action-Not Available
Vendor-n/aOracle Corporation
Product-jdkjren/a
CVE-2002-2374
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.15% / 35.53%
||
7 Day CHG~0.00%
Published-31 Oct, 2007 | 16:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files."

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-patchpron/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2012-0499
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-10.20% / 92.97%
||
7 Day CHG~0.00%
Published-15 Feb, 2012 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier; and JavaFX 2.0.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jrejavafxn/a
CVE-2012-0497
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-4.84% / 89.30%
||
7 Day CHG~0.00%
Published-15 Feb, 2012 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jren/a
CVE-2012-0768
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-10||HIGH
EPSS-6.08% / 90.55%
||
7 Day CHG~0.00%
Published-05 Mar, 2012 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Action-Not Available
Vendor-n/aMicrosoft CorporationLinux Kernel Organization, IncGoogle LLCSun Microsystems (Oracle Corporation)Apple Inc.Adobe Inc.
Product-linux_kernelwindowsandroidflash_playermac_os_xsunosflash_player_for_androidn/a
CVE-2004-1170
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-15.59% / 94.52%
||
7 Day CHG~0.00%
Published-10 Dec, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename.

Action-Not Available
Vendor-n/aGNUSUSESun Microsystems (Oracle Corporation)
Product-a2pssuse_linuxjava_desktop_systemn/a
CVE-2012-0507
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-9.8||CRITICAL
EPSS-93.65% / 99.83%
||
7 Day CHG~0.00%
Published-07 Jun, 2012 | 22:00
Updated-22 Oct, 2025 | 01:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.

Action-Not Available
Vendor-n/aSUSESun Microsystems (Oracle Corporation)Oracle CorporationDebian GNU/Linux
Product-jredebian_linuxlinux_enterprise_javalinux_enterprise_desktoplinux_enterprise_software_development_kitlinux_enterprise_servern/aJava SE
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2012-0500
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-74.85% / 98.83%
||
7 Day CHG~0.00%
Published-15 Feb, 2012 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and JavaFX 2.0.2 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jrejavafxn/a
CVE-2002-1584
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.28% / 86.89%
||
7 Day CHG~0.00%
Published-08 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX 6.5 to 6.5.19f, and possibly other platforms, allows remote attackers to gain privileges.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.Sun Microsystems (Oracle Corporation)
Product-solarissunosirixn/a
CVE-2012-0498
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-8.04% / 91.93%
||
7 Day CHG~0.00%
Published-15 Feb, 2012 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Action-Not Available
Vendor-n/aOracle CorporationSun Microsystems (Oracle Corporation)
Product-jren/a
CVE-2002-2425
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.23% / 86.77%
||
7 Day CHG~0.00%
Published-01 Nov, 2007 | 17:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sun AnswerBook2 1.2 through 1.4.2 allows remote attackers to execute administrative scripts such as (1) AdminViewError and (2) AdminAddadmin via a direct request.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solaris_answerbook2n/a
CVE-2003-1081
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.20% / 84.08%
||
7 Day CHG~0.00%
Published-08 Feb, 2005 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarissunosn/a
CVE-2002-1361
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-20.76% / 95.46%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

overflow.cgi CGI script in Sun Cobalt RaQ 4 with the SHP (Security Hardening Patch) installed allows remote attackers to execute arbitrary code via a POST request with shell metacharacters in the email parameter.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-cobalt_raq_4n/a
CVE-2002-1337
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-69.71% / 98.62%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.

Action-Not Available
Vendor-windriversendmailn/aNetBSDGentoo Foundation, Inc.Oracle CorporationSun Microsystems (Oracle Corporation)HP Inc.
Product-sendmailplatform_sanetbsdhp-uxsolarisalphaserver_scsunoslinuxbsdosn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2003-0722
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-87.09% / 99.42%
||
7 Day CHG~0.00%
Published-17 Sep, 2003 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote attackers to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC packets.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarisn/a
CVE-2003-0095
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-54.41% / 97.95%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demonstrated using LOADPSP.

Action-Not Available
Vendor-n/aOracle Corporation
Product-oracle8ioracle9idatabase_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2001-1583
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-45.83% / 97.53%
||
7 Day CHG-6.16%
Published-23 Sep, 2007 | 23:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-sunosn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2002-0796
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.45% / 87.23%
||
7 Day CHG~0.00%
Published-26 Jul, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarissunosn/a
CVE-2008-1825
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.93% / 75.67%
||
7 Day CHG~0.00%
Published-16 Apr, 2008 | 10:00
Updated-07 Aug, 2024 | 08:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 9.0.4.3 has unknown impact and remote attack vectors, aka AS03.

Action-Not Available
Vendor-n/aOracle Corporation
Product-application_server_9in/a
CVE-2002-0436
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.93% / 88.05%
||
7 Day CHG~0.00%
Published-11 Jun, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-solarissunosn/a
CVE-2003-0161
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-67.90% / 98.54%
||
7 Day CHG~0.00%
Published-01 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.

Action-Not Available
Vendor-compaqsendmailn/aSun Microsystems (Oracle Corporation)HP Inc.
Product-sendmailtru64hp-uxhp-ux_series_700sendmail_switchsolarishp-ux_series_800sunossisn/a
CVE-2011-3548
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-3.06% / 86.39%
||
7 Day CHG~0.00%
Published-19 Oct, 2011 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjren/a
CVE-2011-3554
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-10||HIGH
EPSS-3.17% / 86.63%
||
7 Day CHG~0.00%
Published-19 Oct, 2011 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)
Product-jdkjren/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 11
  • 12
  • Next
Details not found