Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2012-1682 | First vendor Publication | 2012-08-30 |
| Vendor | Cve | Last vendor Modification | 2013-10-31 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder." |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1682 |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:19946 | |||
| Oval ID: | oval:org.mitre.oval:def:19946 | ||
| Title: | HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities | ||
| Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder." | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2012-1682 | Version: | 10 |
| Platform(s): | HP-UX 11 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21284 | |||
| Oval ID: | oval:org.mitre.oval:def:21284 | ||
| Title: | RHSA-2012:1221: java-1.6.0-openjdk security update (Critical) | ||
| Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder." | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:1221-01 CESA-2012:1221 CVE-2012-0547 CVE-2012-1682 | Version: | 29 |
| Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | java-1.6.0-openjdk |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21371 | |||
| Oval ID: | oval:org.mitre.oval:def:21371 | ||
| Title: | RHSA-2012:1222: java-1.6.0-openjdk security update (Important) | ||
| Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder." | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2012:1222-00 CESA-2012:1222 CVE-2012-0547 CVE-2012-1682 | Version: | 29 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | java-1.6.0-openjdk |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22761 | |||
| Oval ID: | oval:org.mitre.oval:def:22761 | ||
| Title: | ELSA-2012:1222: java-1.6.0-openjdk security update (Important) | ||
| Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder." | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:1222-00 CVE-2012-0547 CVE-2012-1682 | Version: | 13 |
| Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23805 | |||
| Oval ID: | oval:org.mitre.oval:def:23805 | ||
| Title: | ELSA-2012:1221: java-1.6.0-openjdk security update (Critical) | ||
| Description: | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder." | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012:1221-01 CVE-2012-0547 CVE-2012-1682 | Version: | 13 |
| Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27774 | |||
| Oval ID: | oval:org.mitre.oval:def:27774 | ||
| Title: | DEPRECATED: ELSA-2012-1221 -- java-1.6.0-openjdk security update (critical) | ||
| Description: | [1:1.6.0.0-1.49.1.11.4] - Updated to latest IedTea6 1.11.4 - Resolves: rhbz#853345 [1:1.6.0.0-1.48.1.11.3] - Access gnome bridge jar is forced to have 644 permissions - Resolves: rhbz#828752 [1:1.6.0.0-1.47.1.11.3] - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: - com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils. - packages added also to package.definition - Resolves: rhbz#828752 [1:1.6.0.0-1.46.1.11.3] - Updated to IcedTea6 1.11.3 - Removed upstreamed patch8 - java-1.6.0-openjdk-jirafix_2820_2821.patch - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: - com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils. - packages added to patch - Resolves: rhbz#828752 | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-1221 CVE-2012-0547 CVE-2012-1682 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | java-1.6.0-openjdk |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27790 | |||
| Oval ID: | oval:org.mitre.oval:def:27790 | ||
| Title: | DEPRECATED: ELSA-2012-1222 -- java-1.6.0-openjdk security update (important) | ||
| Description: | [1.6.0.0-1.28.1.10.9.0.1.el5_8] - Add oracle-enterprise.patch [1:1.6.0.0-1.28.1.10.9] - Updated to latest IcedTea6 1.10.9 - Resolves: rhbz#846709 - Resolves: rhbz#853114 [1:1.6.0.0-1.27.1.10.8] - Access gnome bridge jar is forced to have 644 permissions - Resolves: rhbz#828749 | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2012-1222 CVE-2012-0547 CVE-2012-1682 | Version: | 4 |
| Platform(s): | Oracle Linux 5 | Product(s): | java-1.6.0-openjdk |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-12-13 | Name : SuSE Update for java-1_6_0-openjdk openSUSE-SU-2012:1175-1 (java-1_6_0-openjdk) File : nvt/gb_suse_2012_1175_1.nasl |
| 2012-10-09 | Name : Mandriva Update for java-1.6.0-openjdk MDVSA-2012:150-1 (java-1.6.0-openjdk) File : nvt/gb_mandriva_MDVSA_2012_150_1.nasl |
| 2012-09-04 | Name : CentOS Update for java CESA-2012:1221 centos6 File : nvt/gb_CESA-2012_1221_java_centos6.nasl |
| 2012-09-04 | Name : CentOS Update for java CESA-2012:1222 centos5 File : nvt/gb_CESA-2012_1222_java_centos5.nasl |
| 2012-09-04 | Name : CentOS Update for java CESA-2012:1223 centos6 File : nvt/gb_CESA-2012_1223_java_centos6.nasl |
| 2012-09-04 | Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1221-01 File : nvt/gb_RHSA-2012_1221-01_java-1.6.0-openjdk.nasl |
| 2012-09-04 | Name : RedHat Update for java-1.6.0-openjdk RHSA-2012:1222-01 File : nvt/gb_RHSA-2012_1222-01_java-1.6.0-openjdk.nasl |
| 2012-09-04 | Name : RedHat Update for java-1.7.0-openjdk RHSA-2012:1223-01 File : nvt/gb_RHSA-2012_1223-01_java-1.7.0-openjdk.nasl |
| 2012-09-04 | Name : Ubuntu Update for openjdk-6 USN-1553-1 File : nvt/gb_ubuntu_USN_1553_1.nasl |
| 2012-09-03 | Name : Oracle Java SE JRE Multiple Remote Code Execution Vulnerabilities - (Windows) File : nvt/gb_oracle_java_se_jre_mult_code_exec_vuln_win.nasl |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1456.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1455.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-592.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2012-601.nasl - Type : ACT_GATHER_INFO |
| 2014-01-27 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201401-30.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2012-119.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1223.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1222.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1221.nasl - Type : ACT_GATHER_INFO |
| 2013-02-22 | Name : The remote Unix host contains a programming platform that is affected by mult... File : oracle_java7_update6_unix.nasl - Type : ACT_GATHER_INFO |
| 2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-120919.nasl - Type : ACT_GATHER_INFO |
| 2013-01-25 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-120905.nasl - Type : ACT_GATHER_INFO |
| 2012-11-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1466.nasl - Type : ACT_GATHER_INFO |
| 2012-10-06 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2012-150.nasl - Type : ACT_GATHER_INFO |
| 2012-09-19 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1289.nasl - Type : ACT_GATHER_INFO |
| 2012-09-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1223.nasl - Type : ACT_GATHER_INFO |
| 2012-09-05 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120903_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2012-09-05 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120903_java_1_6_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-09-05 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20120903_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2012-09-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1223.nasl - Type : ACT_GATHER_INFO |
| 2012-09-04 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1553-1.nasl - Type : ACT_GATHER_INFO |
| 2012-09-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1225.nasl - Type : ACT_GATHER_INFO |
| 2012-09-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1222.nasl - Type : ACT_GATHER_INFO |
| 2012-09-04 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1221.nasl - Type : ACT_GATHER_INFO |
| 2012-09-04 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1222.nasl - Type : ACT_GATHER_INFO |
| 2012-09-04 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1221.nasl - Type : ACT_GATHER_INFO |
| 2012-08-27 | Name : The remote Windows host contains a programming platform that is affected by m... File : oracle_java7_update6.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-04-02 01:17:07 |
|
| 2024-02-02 01:18:51 |
|
| 2024-02-01 12:05:34 |
|
| 2023-09-05 12:17:47 |
|
| 2023-09-05 01:05:27 |
|
| 2023-09-02 12:17:49 |
|
| 2023-09-02 01:05:33 |
|
| 2023-08-12 12:21:33 |
|
| 2023-08-12 01:05:33 |
|
| 2023-08-11 12:17:55 |
|
| 2023-08-11 01:05:43 |
|
| 2023-08-06 12:17:13 |
|
| 2023-08-06 01:05:33 |
|
| 2023-08-04 12:17:17 |
|
| 2023-08-04 01:05:36 |
|
| 2023-07-14 12:17:16 |
|
| 2023-07-14 01:05:31 |
|
| 2023-03-29 01:19:12 |
|
| 2023-03-28 12:05:39 |
|
| 2022-12-22 01:13:57 |
|
| 2022-12-14 01:13:58 |
|
| 2022-12-01 01:14:00 |
|
| 2022-11-22 01:14:17 |
|
| 2022-10-11 12:15:25 |
|
| 2022-10-11 01:05:15 |
|
| 2022-07-23 12:13:03 |
|
| 2022-05-24 12:15:38 |
|
| 2022-05-14 12:13:11 |
|
| 2022-05-14 01:12:14 |
|
| 2022-04-28 01:12:58 |
|
| 2022-01-22 01:11:48 |
|
| 2021-09-23 01:10:24 |
|
| 2021-07-27 01:10:01 |
|
| 2021-05-05 01:10:13 |
|
| 2021-05-04 12:19:32 |
|
| 2021-04-22 01:23:15 |
|
| 2020-10-27 01:14:27 |
|
| 2020-09-09 12:07:37 |
|
| 2020-09-09 01:07:50 |
|
| 2020-07-17 01:07:08 |
|
| 2020-05-24 01:08:57 |
|
| 2020-05-23 01:48:27 |
|
| 2020-05-23 00:33:16 |
|
| 2019-05-10 12:04:36 |
|
| 2018-10-30 12:04:58 |
|
| 2018-10-23 12:03:58 |
|
| 2018-07-25 12:03:05 |
|
| 2018-05-02 12:01:04 |
|
| 2018-02-06 01:01:32 |
|
| 2017-10-27 12:01:25 |
|
| 2017-08-17 12:05:18 |
|
| 2017-05-12 12:03:56 |
|
| 2017-02-11 12:00:40 |
|
| 2016-11-01 12:03:35 |
|
| 2016-08-05 12:03:41 |
|
| 2016-06-28 19:05:12 |
|
| 2016-04-26 21:41:21 |
|
| 2014-11-08 13:30:05 |
|
| 2014-06-14 13:32:39 |
|
| 2014-02-17 11:09:09 |
|
| 2013-10-31 13:19:16 |
|
| 2013-08-27 13:19:45 |
|
| 2013-05-10 22:36:22 |
|
| 2013-04-19 13:20:08 |
|
| 2013-01-30 13:21:22 |
|
| 2013-01-12 13:21:23 |
|
