CVE-2012-0505

Executive Summary

Informations
Name	CVE-2012-0505	First vendor Publication	2012-02-15
Vendor	Cve	Last vendor Modification	2013-02-14

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score	7.5	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Low
Cvss Expoit Score	10	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Serialization.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0505

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:13976

Oval ID:	oval:org.mitre.oval:def:13976
Title:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Serialization.
Description:	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Serialization.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2012-0505	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Java Runtime Environment
Definition Synopsis:
Determine if the version of Java Runtime Environment is less than 1.5.0:update34 and is greater than or equal to 1.5.0 Determine if the version of Java Runtime Environment is less than 1.5.0:update34 AND Java SE Runtime Environment 5 is installed OR Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 and is greater than or equal to 1.6.0 Determine if the version of Java Runtime Environment is less than 1.6.0:update_31 AND Java SE Runtime Environment 6 is installed OR Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than 1.7.0:update_3 AND Java SE Runtime Environment 7 is installed

CPE : Common Platform Enumeration

Type	Description	Count
Application	Oracle Jre cpe:/a:oracle:jre:1.7.0:update1 cpe:/a:oracle:jre:1.7.0:update2 cpe:/a:oracle:jre:1.7.0 cpe:/a:oracle:jre:1.6.0:update_24 cpe:/a:oracle:jre:1.6.0:update_26 cpe:/a:oracle:jre:1.6.0:update_25 cpe:/a:oracle:jre:1.6.0:update_30 cpe:/a:oracle:jre:1.6.0:update_29 cpe:/a:oracle:jre:1.6.0:update_27 cpe:/a:oracle:jre:1.6.0:update_22 cpe:/a:oracle:jre:1.6.0:update_23	11
Application	Sun Jre cpe:/a:sun:jre:1.6.0:update_2 cpe:/a:sun:jre:1.6.0 cpe:/a:sun:jre:1.6.0:update_3 cpe:/a:sun:jre:1.6.0:update_11 cpe:/a:sun:jre:1.6.0:update_20 cpe:/a:sun:jre:1.6.0:update_14 cpe:/a:sun:jre:1.6.0:update_19 cpe:/a:sun:jre:1.6.0:update_5 cpe:/a:sun:jre:1.6.0:update_21 cpe:/a:sun:jre:1.6.0:update_15 cpe:/a:sun:jre:1.6.0:update_12 cpe:/a:sun:jre:1.6.0:update_7 cpe:/a:sun:jre:1.6.0:update_17 cpe:/a:sun:jre:1.6.0:update_10 cpe:/a:sun:jre:1.6.0:update_16 cpe:/a:sun:jre:1.6.0:update_4 cpe:/a:sun:jre:1.6.0:update_1 cpe:/a:sun:jre:1.6.0:update_6 cpe:/a:sun:jre:1.6.0:update_13 cpe:/a:sun:jre:1.6.0:update_18 cpe:/a:sun:jre:1.5.0 cpe:/a:sun:jre:1.5.0:update3 cpe:/a:sun:jre:1.5.0:update20 cpe:/a:sun:jre:1.5.0:update6 cpe:/a:sun:jre:1.5.0:update21 cpe:/a:sun:jre:1.5.0:update29 cpe:/a:sun:jre:1.5.0:update9 cpe:/a:sun:jre:1.5.0:update13 cpe:/a:sun:jre:1.5.0:update1 cpe:/a:sun:jre:1.5.0:update14 cpe:/a:sun:jre:1.5.0:update18 cpe:/a:sun:jre:1.5.0:update22 cpe:/a:sun:jre:1.5.0:update11 cpe:/a:sun:jre:1.5.0:update26 cpe:/a:sun:jre:1.5.0:update33 cpe:/a:sun:jre:1.5.0:update19 cpe:/a:sun:jre:1.5.0:update31 cpe:/a:sun:jre:1.5.0:update25 cpe:/a:sun:jre:1.5.0:update23 cpe:/a:sun:jre:1.5.0:update7 cpe:/a:sun:jre:1.5.0:update5 cpe:/a:sun:jre:1.5.0:update2 cpe:/a:sun:jre:1.5.0:update4 cpe:/a:sun:jre:1.5.0:update8 cpe:/a:sun:jre:1.5.0:update15 cpe:/a:sun:jre:1.5.0:update17 cpe:/a:sun:jre:1.5.0:update16 cpe:/a:sun:jre:1.5.0:update24 cpe:/a:sun:jre:1.5.0:update28 cpe:/a:sun:jre:1.5.0:update10 cpe:/a:sun:jre:1.5.0:update12 cpe:/a:sun:jre:1.5.0:update27 cpe:/a:sun:jre:1.4.2_9 cpe:/a:sun:jre:1.4.2_8 cpe:/a:sun:jre:1.4.2_7 cpe:/a:sun:jre:1.4.2_6 cpe:/a:sun:jre:1.4.2_5 cpe:/a:sun:jre:1.4.2_4 cpe:/a:sun:jre:1.4.2_35 cpe:/a:sun:jre:1.4.2_34 cpe:/a:sun:jre:1.4.2_33 cpe:/a:sun:jre:1.4.2_32 cpe:/a:sun:jre:1.4.2_31 cpe:/a:sun:jre:1.4.2_30 cpe:/a:sun:jre:1.4.2_3 cpe:/a:sun:jre:1.4.2_29 cpe:/a:sun:jre:1.4.2_28 cpe:/a:sun:jre:1.4.2_27 cpe:/a:sun:jre:1.4.2_26 cpe:/a:sun:jre:1.4.2_25 cpe:/a:sun:jre:1.4.2_24 cpe:/a:sun:jre:1.4.2_23 cpe:/a:sun:jre:1.4.2_22 cpe:/a:sun:jre:1.4.2_21 cpe:/a:sun:jre:1.4.2_20 cpe:/a:sun:jre:1.4.2_2 cpe:/a:sun:jre:1.4.2_19 cpe:/a:sun:jre:1.4.2_18 cpe:/a:sun:jre:1.4.2_17 cpe:/a:sun:jre:1.4.2_16 cpe:/a:sun:jre:1.4.2_15 cpe:/a:sun:jre:1.4.2_14 cpe:/a:sun:jre:1.4.2_13 cpe:/a:sun:jre:1.4.2_12 cpe:/a:sun:jre:1.4.2_11 cpe:/a:sun:jre:1.4.2_10 cpe:/a:sun:jre:1.4.2_1 cpe:/a:sun:jre:1.4.2	88

Internal Sources (Detail)

Source	Url
CONFIRM	http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html
SECUNIA	http://secunia.com/advisories/48589 http://secunia.com/advisories/48692 http://secunia.com/advisories/48915 http://secunia.com/advisories/48948 http://secunia.com/advisories/48950 http://secunia.com/advisories/49198
SUSE	http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00015.html

Alert History

If you want to see full details history, please login or register.

Date	Informations
2013-05-10 22:33:00	Multiple Updates
2013-02-15 13:20:26	Multiple Updates
2012-12-06 13:20:10	Multiple Updates
2012-11-07 05:21:34	Multiple Updates

Type	Count
Oval ID(s)	1
CPE ID(s)	99

Related	Severity
USN-1373-2	(Critical)
USN-1373-1	(Critical)
RHSA-2012:0702	(Critical)
RHSA-2012:0514	(Critical)
RHSA-2012:0508	(Critical)
RHSA-2012:0322	(Critical)
RHSA-2012:0139	(Critical)
RHSA-2012:0135	(Critical)
MDVSA-2012:021	(Critical)
HPSBUX02784 SSR...	(Critical)
HPSBUX02777 SSR...	(Critical)
HPSBUX02760 SSR...	(Critical)
HPSBUX02757 SSR...	(Critical)
HPSBMU02799 SSR...	(Critical)
HPSBMU02797 SSR...	(Critical)
DSA-2420	(Critical)