This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Name cpe:/a:sun:jre:5.0:update_12
Detail
Vendor Sun First view 2008-03-06
Product Jre Last view 2009-08-06
Version 5.0 Type Application
Edition  
Language  
Update update_12  
 
CPE Product cpe:/a:sun:jre

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
5 2009-08-06 CVE-2009-2625 Network Low None Requ...
10 2009-08-05 CVE-2009-2675 Network Low None Requ...
7.5 2009-08-05 CVE-2009-2673 Network Low None Requ...
7.5 2009-08-05 CVE-2009-2672 Network Low None Requ...
5 2009-08-05 CVE-2009-2671 Network Low None Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
5 2009-08-05 CVE-2009-2670 Network Low None Requ...
6.4 2008-12-05 CVE-2008-5360 Network Low None Requ...
9.3 2008-12-05 CVE-2008-5359 Network Medium None Requ...
9.3 2008-12-05 CVE-2008-5357 Network Medium None Requ...
9.3 2008-12-05 CVE-2008-5356 Network Medium None Requ...
10 2008-12-05 CVE-2008-5355 Network Low None Requ...
9.3 2008-12-05 CVE-2008-5354 Network Medium None Requ...
10 2008-12-05 CVE-2008-5353 Network Low None Requ...
9.3 2008-12-05 CVE-2008-5352 Network Medium None Requ...
7.5 2008-12-05 CVE-2008-5351 Network Low None Requ...
5 2008-12-05 CVE-2008-5350 Network Low None Requ...
7.1 2008-12-05 CVE-2008-5349 Network Medium None Requ...
7.1 2008-12-05 CVE-2008-5348 Network Medium None Requ...
7.1 2008-12-05 CVE-2008-5346 Network Medium None Requ...
7.5 2008-12-05 CVE-2008-5345 Network Low None Requ...
7.5 2008-12-05 CVE-2008-5344 Network Low None Requ...
9 2008-12-05 CVE-2008-5343 Network Low None Requ...
5 2008-12-05 CVE-2008-5342 Network Low None Requ...
5 2008-12-05 CVE-2008-5341 Network Low None Requ...

CWE : Common Weakness Enumeration

%idName
46% (13)CWE-264Permissions, Privileges, and Access Controls
17% (5)CWE-200Information Exposure
14% (4)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
7% (2)CWE-189Numeric Errors
3% (1)CWE-287Improper Authentication
Hide | Show 3 More...
%idName
3% (1)CWE-94Failure to Control Generation of Code ('Code Injection')
3% (1)CWE-20Improper Input Validation
3% (1)CWE-16Configuration

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:10278Unspecified vulnerability in Sun Java Runtime Environment (JRE) and JDK 6 Upd...
oval:org.mitre.oval:def:22027ELSA-2008:0243: java-1.4.2-bea security update (Moderate)
oval:org.mitre.oval:def:5601Java Web Start Bugs Let Remote Users Read/Write Files, Execute Arbitrary Code...
oval:org.mitre.oval:def:10920Unspecified vulnerability in the Java Management Extensions (JMX) management ...
oval:org.mitre.oval:def:22657ELSA-2008:0891: java-1.5.0-ibm security update (Moderate)
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:10866Unspecified vulnerability in Sun Java Runtime Environment (JRE) in JDK and JR...
oval:org.mitre.oval:def:10219Unspecified vulnerability in the Virtual Machine in Sun Java Runtime Environm...
oval:org.mitre.oval:def:10541Multiple buffer overflows in Sun Java Web Start in JDK and JRE 6 before Updat...
oval:org.mitre.oval:def:11102Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 befo...
oval:org.mitre.oval:def:10454Unspecified vulnerability in Sun Java Web Start in JDK and JRE 5.0 before Upd...
oval:org.mitre.oval:def:9755Unspecified vulnerability in Sun Java Web Start in JDK and JRE 6 before Updat...
oval:org.mitre.oval:def:22711ELSA-2008:0955: java-1.4.2-ibm security update (Critical)
oval:org.mitre.oval:def:22662ELSA-2008:0790: java-1.5.0-ibm security update (Critical)
oval:org.mitre.oval:def:22640ELSA-2008:0595: java-1.5.0-sun security update (Critical)
oval:org.mitre.oval:def:22389ELSA-2008:0594: java-1.6.0-sun security update (Critical)
oval:org.mitre.oval:def:22274ELSA-2008:0906: java-1.6.0-ibm security update (Critical)
oval:org.mitre.oval:def:6409Multiple Security Vulnerabilities in Java Web Start and Java Plug-in May Allo...
oval:org.mitre.oval:def:6627Sun Java Multiple Code Execution and Security Bypass Vulnerabilities
oval:org.mitre.oval:def:6529Java Runtime Environment (JRE) Buffer Overflow in Processing Image Files and ...
oval:org.mitre.oval:def:6359Unspecified vulnerability in the BasicService for Java Web Start (JWS) and Ja...
oval:org.mitre.oval:def:5924Sun Java Web Start and Java Plug-in JAR File Privilege Escalation Vulnerability
oval:org.mitre.oval:def:6249Sun Java Web Start and Java Plug-in applet class security bypass
oval:org.mitre.oval:def:6059Sun Java Runtime Environment (JRE) Lets Remote Users Access 'localhost'
oval:org.mitre.oval:def:6629Sun Java Runtime Environment zip File Processing Bug Lets Remote Users Read M...
oval:org.mitre.oval:def:6549Sun Java Runtime Environment and Java Development Kit Multiple Security Vulne...

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
56984Apache Xerces2 Java Malformed XML Input DoS
56788Sun Java JDK / JRE Audio System Unauthorized java.lang.System Properties Access
56786Sun Java JDK / JRE Pack200 JAR File Decoding Inner Class Count Overflow
56785Sun Java JDK / JRE Proxy Mechanism Implementation Arbitrary Host Connection
56784Sun Java JDK / JRE Proxy Mechanism Implementation Unauthorized Browser Cookie...
Hide | Show 20 More...
idDescription
56783Sun Java JDK / JRE SOCKS Proxy Implementation Applet Process Owner Disclosure
50517Sun Java JDK / JRE TrueType Font Processing Integer Overflow
50516Sun Java JDK / JRE TrueType Font Processing Heap Overflow
50514Sun Java JDK / JRE Java Web Start BasicService Arbitrary File Access
50513Sun Java JDK / JRE Applet Classloading Privilege Escalation
50512Sun Java JDK / JRE Jave Web Start / Plug-in HTTP Session Hijacking
50511Sun Java JDK / JRE Java Web Start SingleInstanceImpl Class SI_FILEDIR Propert...
50510Sun Java JDK / JRE Java Web Start (JWS) JNLP File System Properties Override ...
50509Sun Java JDK / JRE Java Web Start Application file: Protocol Arbitrary File A...
50508Sun Java JRE LocalHost Network Access Restriction Bypass
50507Sun Java JDK / JRE ZIP File Parsing Arbitrary Memory Disclosure
50505Sun Java JDK / JRE Kerberos Authentication Unspecified Remote DoS
50504Sun Java JDK / JRE RSA Public Key Processing Resource Consumption DoS
50503Sun Java JDK / JRE Untrusted Applet User Home Directory Content Listing
50502Sun Java JDK / JRE UTF-8 Decoder Non-shortest Form Sequence Handling Weakness
50501Sun Java JDK / JRE Unpack200 JAR Utility Privilege Escalation
50500Sun Java JDK / JRE Deserializing Calendar Object Privilege Escalation
50499Sun Java JDK / JRE Command Line Application Overflow
50498Sun Java JDK / JRE Java Update Mechanism Digital Signature Verification Weakness
50497Sun Java JDK / JRE Java Web Start Application JNLP File Handling Socket Restr...

ExploitDB Exploits

idDescription
16302Signed Applet Social Engineering Code Exec
16293Sun Java Calendar Deserialization Exploit
9948Sun Java Runtime and Development Kit <= 6 update 10 Calendar Deserializati...
8753Mac OS X Java applet Remote Deserialization Remote PoC (updated)

Metasploit Exploits

idDescription
2008-12-03Sun Java Calendar Deserialization Privilege Escalation

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-06-06Name : RedHat Update for xerces-j2 RHSA-2011:0858-01
File : nvt/gb_RHSA-2011_0858-01_xerces-j2.nasl
2011-08-09Name : CentOS Update for xerces-j2 CESA-2009:1615 centos5 i386
File : nvt/gb_CESA-2009_1615_xerces-j2_centos5_i386.nasl
2011-08-09Name : CentOS Update for java CESA-2009:1201 centos5 i386
File : nvt/gb_CESA-2009_1201_java_centos5_i386.nasl
2011-06-20Name : Mandriva Update for xerces-j2 MDVSA-2011:108 (xerces-j2)
File : nvt/gb_mandriva_MDVSA_2011_108.nasl
2010-10-10Name : FreeBSD Ports: apr
File : nvt/freebsd_apr0.nasl
Hide | Show 20 More...
idDescription
2010-05-28Name : Java for Mac OS X 10.5 Update 2
File : nvt/macosx_java_for_10_5_upd_2.nasl
2010-05-28Name : Java for Mac OS X 10.5 Update 3
File : nvt/macosx_java_for_10_5_upd_3.nasl
2010-05-28Name : Java for Mac OS X 10.5 Update 4
File : nvt/macosx_java_for_10_5_upd_4.nasl
2010-05-28Name : Java for Mac OS X 10.5 Update 5
File : nvt/macosx_java_for_10_5_upd_5.nasl
2010-04-16Name : Ubuntu Update for cmake vulnerabilities USN-890-6
File : nvt/gb_ubuntu_USN_890_6.nasl
2010-02-19Name : Ubuntu Update for xmlrpc-c vulnerabilities USN-890-5
File : nvt/gb_ubuntu_USN_890_5.nasl
2010-01-29Name : Ubuntu Update for python-xml vulnerabilities USN-890-4
File : nvt/gb_ubuntu_USN_890_4.nasl
2010-01-25Name : Ubuntu Update for python2.4 vulnerabilities USN-890-3
File : nvt/gb_ubuntu_USN_890_3.nasl
2010-01-22Name : Ubuntu Update for expat vulnerabilities USN-890-1
File : nvt/gb_ubuntu_USN_890_1.nasl
2010-01-22Name : Ubuntu Update for python2.5 vulnerabilities USN-890-2
File : nvt/gb_ubuntu_USN_890_2.nasl
2010-01-15Name : Mandriva Update for davfs MDVSA-2009:220-1 (davfs)
File : nvt/gb_mandriva_MDVSA_2009_220_1.nasl
2010-01-15Name : Mandriva Update for expat MDVSA-2009:316-1 (expat)
File : nvt/gb_mandriva_MDVSA_2009_316_1.nasl
2010-01-15Name : Mandriva Update for expat MDVSA-2009:316-2 (expat)
File : nvt/gb_mandriva_MDVSA_2009_316_2.nasl
2010-01-15Name : Mandriva Update for expat MDVSA-2009:316-3 (expat)
File : nvt/gb_mandriva_MDVSA_2009_316_3.nasl
2009-12-30Name : CentOS Security Advisory CESA-2009:1615 (xerces-j2)
File : nvt/ovcesa2009_1615.nasl
2009-12-10Name : Mandriva Security Advisory MDVSA-2009:211-1 (expat)
File : nvt/mdksa_2009_211_1.nasl
2009-12-10Name : Mandriva Security Advisory MDVSA-2009:212-1 (python)
File : nvt/mdksa_2009_212_1.nasl
2009-12-10Name : Mandriva Security Advisory MDVSA-2009:213-1 (wxgtk)
File : nvt/mdksa_2009_213_1.nasl
2009-12-10Name : Mandriva Security Advisory MDVSA-2009:215-1 (audacity)
File : nvt/mdksa_2009_215_1.nasl
2009-12-10Name : Mandriva Security Advisory MDVSA-2009:217-3 (mozilla-thunderbird)
File : nvt/mdksa_2009_217_3.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2012-A-0136Multiple Vulnerabilities in Juniper Network Management Products
Severity : Category I - VMSKEY : V0033662
2009-A-0105Multiple Vulnerabilities in VMware Products
Severity : Category I - VMSKEY : V0021867

Snort® IPS/IDS

DateDescription
2014-01-10Oracle Java Web Start JNLP j2se key value buffer overflow attempt
RuleID : 24906 - Type : FILE-JAVA - Revision : 5
2014-01-10Oracle Java Web Start JNLP j2se key value buffer overflow attempt
RuleID : 24905 - Type : FILE-JAVA - Revision : 5
2014-01-10Oracle Java Web Start JNLP j2se key value buffer overflow attempt
RuleID : 24904 - Type : FILE-JAVA - Revision : 5
2014-01-10Phoenix exploit kit post-compromise behavior
RuleID : 21860 - Type : EXPLOIT-KIT - Revision : 3
2014-01-10Phoenix exploit kit landing page
RuleID : 21640 - Type : EXPLOIT-KIT - Revision : 5
Hide | Show 6 More...
DateDescription
2014-01-10Oracle Java calendar deserialize vulnerability
RuleID : 20238 - Type : SERVER-OTHER - Revision : 4
2014-01-10Oracle Java Web Start JNLP j2se key value buffer overflow attempt
RuleID : 17631 - Type : FILE-JAVA - Revision : 10
2014-01-10Oracle Java Runtime Environment JAR File Processing Stack Buffer Overflow
RuleID : 17563 - Type : FILE-JAVA - Revision : 8
2014-01-10Oracle Java Runtime Environment Pack200 Decompression Integer Overflow attempt
RuleID : 17562 - Type : FILE-JAVA - Revision : 9
2014-01-10Oracle Java Web Start Splashscreen GIF decoding buffer overflow attempt
RuleID : 17395 - Type : FILE-IMAGE - Revision : 10
2014-01-10Oracle Java Web Start JNLP attribute buffer overflow attempt
RuleID : 13950 - Type : FILE-JAVA - Revision : 10

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2013-09-13Name : The remote host is affected by multiple vulnerabilities.
File : juniper_nsm_psn_2012_08_689.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1615.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0858.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2009-1201.nasl - Type : ACT_GATHER_INFO
2013-02-22Name : The remote Unix host has an application that is affected by multiple vulnerab...
File : sun_java_j2se_4_2_18_unix.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2013-02-22Name : The remote Unix host contains a runtime environment that is affected by multi...
File : sun_java_jre_244986_unix.nasl - Type : ACT_GATHER_INFO
2013-02-22Name : The remote Unix host contains a runtime environment that is affected by multi...
File : sun_java_jre_263408_unix.nasl - Type : ACT_GATHER_INFO
2013-02-22Name : The remote Unix host has an application that is affected by multiple vulnerab...
File : sun_java_jre_5_16_unix.nasl - Type : ACT_GATHER_INFO
2013-02-22Name : The remote Unix host has an application that is affected by multiple vulnerab...
File : sun_java_jre_6_7_unix.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0594.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1636.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1637.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1649.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1650.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0245.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2008-0267.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090117_java__jdk_1_6_0__on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110608_xerces_j2_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090806_java_1_6_0_openjdk_on_SL5_3.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20090824_java__jdk_1_6_0__on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20080714_java__jdk_1_5_0__on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20091130_xerces_j2_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2011-06-14Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-108.nasl - Type : ACT_GATHER_INFO
2011-06-09Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0858.nasl - Type : ACT_GATHER_INFO
2011-04-23Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2009-1662.nasl - Type : ACT_GATHER_INFO