LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

java: multiple unspecified vulnerabilities

Package(s):java-1.7.0-oracle CVE #(s):CVE-2012-0551 CVE-2012-1721 CVE-2012-1722 CVE-2012-1726
Created:June 20, 2012 Updated:September 28, 2012
Description: From the CVE entries:

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE 7 update 4 and earlier and 6 update 32 and earlier, and the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Container or Deployment. (CVE-2012-0551)

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1722. (CVE-2012-1721)

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, and 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1721. (CVE-2012-1722)

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. (CVE-2012-1726)

Alerts:
Red Hat RHSA-2012:1019-01 2012-06-20
Red Hat RHSA-2012:1009-01 2012-06-20
Oracle ELSA-2012-1009 2012-06-30
Scientific Linux SL-java-20120705 2012-07-05
CentOS CESA-2012:1009 2012-07-10
Red Hat RHSA-2012:1238-01 2012-09-06
Red Hat RHSA-2012:1289-01 2012-09-18
SUSE SUSE-SU-2012:1231-1 2012-09-25
SUSE SUSE-SU-2012:1265-1 2012-09-28
(Log in to post comments)

java: multiple unspecified vulnerabilities

Posted Jun 21, 2012 5:45 UTC (Thu) by fredrik (subscriber, #232) [Link]

Security through obscurity sucks. Granted, I'm not a paying customer, so I guess Oracle can feel free to ignore me. Though this shady behaviour doesn't increase the chance of me recommending anyone to buy from Oracle in the future either.

java: multiple unspecified vulnerabilities

Posted Jun 25, 2012 12:50 UTC (Mon) by mgerdin (subscriber, #84543) [Link]

You can find somewhat more detailed information at
http://www.oracle.com/technetwork/java/javase/7u5-relnote...
and
http://www.oracle.com/technetwork/topics/security/javacpu...

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds