Executive Summary
Summary | |
---|---|
Title | HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities |
Informations | |||
---|---|---|---|
Name | HPSBUX02832 SSRT101042 | First vendor Publication | 2012-12-12 |
Vendor | HP | Last vendor Modification | 2012-12-12 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other exploits. |
Original Source
Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03595351 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:16043 | |||
Oval ID: | oval:org.mitre.oval:def:16043 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5081 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16227 | |||
Oval ID: | oval:org.mitre.oval:def:16227 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity, related to JMX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5071 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16387 | |||
Oval ID: | oval:org.mitre.oval:def:16387 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5086 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16466 | |||
Oval ID: | oval:org.mitre.oval:def:16466 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5073 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16506 | |||
Oval ID: | oval:org.mitre.oval:def:16506 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5089 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16522 | |||
Oval ID: | oval:org.mitre.oval:def:16522 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality via unknown vectors related to Security. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality via unknown vectors related to Security. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5072 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16533 | |||
Oval ID: | oval:org.mitre.oval:def:16533 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5068 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16538 | |||
Oval ID: | oval:org.mitre.oval:def:16538 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-3216 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16544 | |||
Oval ID: | oval:org.mitre.oval:def:16544 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, 1.4.2_38 and earlier, and JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, 1.4.2_38 and earlier, and JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5083 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16546 | |||
Oval ID: | oval:org.mitre.oval:def:16546 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1531 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16553 | |||
Oval ID: | oval:org.mitre.oval:def:16553 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5084 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16556 | |||
Oval ID: | oval:org.mitre.oval:def:16556 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier and 6 Update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier and 6 Update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1532 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16560 | |||
Oval ID: | oval:org.mitre.oval:def:16560 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5087 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:16585 | |||
Oval ID: | oval:org.mitre.oval:def:16585 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Security. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Security. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5077 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16602 | |||
Oval ID: | oval:org.mitre.oval:def:16602 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5079 | Version: | 7 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16615 | |||
Oval ID: | oval:org.mitre.oval:def:16615 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-3159 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16623 | |||
Oval ID: | oval:org.mitre.oval:def:16623 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Hotspot. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Hotspot. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-4416 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16648 | |||
Oval ID: | oval:org.mitre.oval:def:16648 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1533 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16654 | |||
Oval ID: | oval:org.mitre.oval:def:16654 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote authenticated users to have an unspecified impact via unknown vectors related to Networking. NOTE: the Oracle CPU states that this issue has a 0.0 CVSS score. If so, then this is not a vulnerability and this issue should not be included in CVE. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote authenticated users to have an unspecified impact via unknown vectors related to Networking. NOTE: the Oracle CPU states that this issue has a 0.0 CVSS score. If so, then this is not a vulnerability and this issue should not be included in CVE. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5085 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16684 | |||
Oval ID: | oval:org.mitre.oval:def:16684 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, related to JMX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5075 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16685 | |||
Oval ID: | oval:org.mitre.oval:def:16685 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Concurrency. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Concurrency. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-5069 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:16686 | |||
Oval ID: | oval:org.mitre.oval:def:16686 | ||
Title: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX. | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-3143 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21422 | |||
Oval ID: | oval:org.mitre.oval:def:21422 | ||
Title: | RHSA-2012:1385: java-1.6.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1385-00 CESA-2012:1385 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089 | Version: | 198 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21586 | |||
Oval ID: | oval:org.mitre.oval:def:21586 | ||
Title: | RHSA-2012:1386: java-1.7.0-openjdk security update (Important) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1386-02 CESA-2012:1386 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5070 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5074 CVE-2012-5075 CVE-2012-5076 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5087 CVE-2012-5088 CVE-2012-5089 | Version: | 263 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | java-1.7.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21593 | |||
Oval ID: | oval:org.mitre.oval:def:21593 | ||
Title: | RHSA-2012:1384: java-1.6.0-openjdk security update (Critical) | ||
Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2012:1384-01 CESA-2012:1384 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089 | Version: | 198 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27804 | |||
Oval ID: | oval:org.mitre.oval:def:27804 | ||
Title: | DEPRECATED: ELSA-2012-1384 -- java-1.6.0-openjdk security update (critical) | ||
Description: | [1:1.6.0.0-1.50.1.11.5] - Changed permissions of sa-jdi.jar to correct 644 - Resolves: rhbz#865045 [1:1.6.0.0-1.49.1.11.5] - Updated to IcedTea6 1.11.5 - Resolves rhbz#s 856124, 865346, 865348, 865350, 865352, 865354, 865357, 865359, 865363, 865365, 865370, 865428, 865471, 865434, 865511, 865514, 865519, 865531, 865541, 865568 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1384 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27810 | |||
Oval ID: | oval:org.mitre.oval:def:27810 | ||
Title: | DEPRECATED: ELSA-2012-1385 -- java-1.6.0-openjdk security update (important) | ||
Description: | [1:1.6.0.0-1.28.1.10.10.0.1.el5_8] - Add oracle-enterprise.patch [1:1.6.0.0-1.28.1.10.10] - Updated to IcedTea6 1.10.10 - Resolves rhbz#s 856124, 865346, 865348, 865350, 865352, 865354, 865357, 865359, 865363, 865365, 865370, 865428, 865471, 865434, 865511, 865514, 865519, 865531, 865541, 865568 | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012-1385 CVE-2012-3216 CVE-2012-4416 CVE-2012-5068 CVE-2012-5069 CVE-2012-5071 CVE-2012-5072 CVE-2012-5073 CVE-2012-5075 CVE-2012-5077 CVE-2012-5079 CVE-2012-5081 CVE-2012-5084 CVE-2012-5085 CVE-2012-5086 CVE-2012-5089 | Version: | 4 |
Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-12-13 | Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1423-1 (java-1_6_0-openjdk) File : nvt/gb_suse_2012_1423_1.nasl |
2012-12-13 | Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1424-1 (java-1_6_0-openjdk) File : nvt/gb_suse_2012_1424_1.nasl |
2012-11-02 | Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:169 (java-1.6.0-openjdk) File : nvt/gb_mandriva_MDVSA_2012_169.nasl |
2012-10-29 | Name : Ubuntu Update for openjdk-7 USN-1619-1 File : nvt/gb_ubuntu_USN_1619_1.nasl |
2012-10-19 | Name : CentOS Update for java CESA-2012:1384 centos6 File : nvt/gb_CESA-2012_1384_java_centos6.nasl |
2012-10-19 | Name : CentOS Update for java CESA-2012:1385 centos5 File : nvt/gb_CESA-2012_1385_java_centos5.nasl |
2012-10-19 | Name : CentOS Update for java CESA-2012:1386 centos6 File : nvt/gb_CESA-2012_1386_java_centos6.nasl |
2012-10-19 | Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1384-01 File : nvt/gb_RHSA-2012_1384-01_java-1.6.0-openjdk.nasl |
2012-10-19 | Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1385-01 File : nvt/gb_RHSA-2012_1385-01_java-1.6.0-openjdk.nasl |
2012-10-19 | Name : RedHat Update for java-1.7.0-openjdk RHSA-2012:1386-01 File : nvt/gb_RHSA-2012_1386-01_java-1.7.0-openjdk.nasl |
2012-10-19 | Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-01 Oct (Windows) File : nvt/gb_oracle_java_se_mult_vuln01_oct12_win.nasl |
2012-10-19 | Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-02 oct12 (Windows) File : nvt/gb_oracle_java_se_mult_vuln02_oct12_win.nasl |
2012-10-19 | Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-03 oct12 (Windows) File : nvt/gb_oracle_java_se_mult_vuln03_oct12_win.nasl |
2012-10-19 | Name : Oracle Java SE JRE Multiple Unspecified Vulnerabilities-04 oct12 (Windows) File : nvt/gb_oracle_java_se_mult_vuln04_oct12_win.nasl |
Snort® IPS/IDS
Date | Description |
---|---|
2018-04-05 | limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45830 - Revision : 1 - Type : SERVER-OTHER |
2018-01-17 | limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45201 - Revision : 2 - Type : SERVER-OTHER |
2018-01-17 | limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45200 - Revision : 2 - Type : SERVER-OTHER |
2018-01-17 | limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt RuleID : 45199 - Revision : 2 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_esx_VMSA-2013-0003_remote.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2012-1490-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2012-1489-2.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2012-1489-1.nasl - Type : ACT_GATHER_INFO |
2014-12-22 | Name : The remote device is affected by multiple vulnerabilities. File : juniper_space_jsa10627.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1456.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1455.nasl - Type : ACT_GATHER_INFO |
2014-08-22 | Name : The remote host is affected by multiple vulnerabilities. File : juniper_nsm_jsa10642.nasl - Type : ACT_GATHER_INFO |
2014-07-18 | Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_jrockit_cpu_oct_2012.nasl - Type : ACT_GATHER_INFO |
2014-06-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201406-32.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-755.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-754.nasl - Type : ACT_GATHER_INFO |
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-749.nasl - Type : ACT_GATHER_INFO |
2014-01-27 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201401-30.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-137.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-136.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1384.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1385.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1386.nasl - Type : ACT_GATHER_INFO |
2013-03-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0624.nasl - Type : ACT_GATHER_INFO |
2013-03-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0625.nasl - Type : ACT_GATHER_INFO |
2013-03-12 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0626.nasl - Type : ACT_GATHER_INFO |
2013-02-22 | Name : The remote Unix host contains a programming platform that is affected by mult... File : oracle_java_cpu_oct_2012_unix.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-121113.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-121023.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-121126.nasl - Type : ACT_GATHER_INFO |
2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_4_2-ibm-121113.nasl - Type : ACT_GATHER_INFO |
2013-01-24 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1485.nasl - Type : ACT_GATHER_INFO |
2012-11-29 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_6_0-ibm-8383.nasl - Type : ACT_GATHER_INFO |
2012-11-19 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_4_2-ibm-8366.nasl - Type : ACT_GATHER_INFO |
2012-11-19 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_java-1_5_0-ibm-8362.nasl - Type : ACT_GATHER_INFO |
2012-11-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1465.nasl - Type : ACT_GATHER_INFO |
2012-11-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1467.nasl - Type : ACT_GATHER_INFO |
2012-11-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1466.nasl - Type : ACT_GATHER_INFO |
2012-11-02 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-169.nasl - Type : ACT_GATHER_INFO |
2012-10-31 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20121018_java_1_6_0_sun_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-10-26 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1619-1.nasl - Type : ACT_GATHER_INFO |
2012-10-22 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20121017_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-10-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1392.nasl - Type : ACT_GATHER_INFO |
2012-10-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1391.nasl - Type : ACT_GATHER_INFO |
2012-10-19 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1385.nasl - Type : ACT_GATHER_INFO |
2012-10-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1384.nasl - Type : ACT_GATHER_INFO |
2012-10-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1385.nasl - Type : ACT_GATHER_INFO |
2012-10-18 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20121017_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-10-18 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20121017_java_1_6_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2012-10-18 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1386.nasl - Type : ACT_GATHER_INFO |
2012-10-18 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1384.nasl - Type : ACT_GATHER_INFO |
2012-10-18 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1386.nasl - Type : ACT_GATHER_INFO |
2012-10-17 | Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_java_cpu_oct_2012.nasl - Type : ACT_GATHER_INFO |
2012-10-17 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_2012-006.nasl - Type : ACT_GATHER_INFO |
2012-10-17 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update11.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2012-12-13 21:21:45 |
|