PT-2012-3439 · Oracle+4 · Java Se+5

Publicado

2012-08-30

Atualizado

2024-06-15

CVE-2012-1682

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 7 Update 6 and earlier

Description The issue affects confidentiality, integrity, and availability via unknown vectors related to Beans. It is a different vulnerability than the one identified by CVE-2012-3136. There are claims from a downstream vendor that this issue might be related to an "XMLDecoder security issue via ClassFinder," but Oracle has not commented on this.

Recommendations For Oracle Java SE versions 7 Update 6 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CESA-2012_1221

CESA-2012_1223

CVE-2012-1682

HPSBUX02824

OPENSUSE-SU-2012_1154-1

OPENSUSE-SU-2012_1175-1

OPENSUSE-SU-2024:10534-1

RHSA-2012:1221

RHSA-2012:1222

RHSA-2012:1223

RHSA-2012:1225

RHSA-2012:1289

RHSA-2012:1466

RHSA-2012_1221

RHSA-2012_1222

RHSA-2012_1223

RHSA-2012_1225

RHSA-2012_1289

RHSA-2012_1466

RHSA-2013:1455

RHSA-2013:1456

ZDI-12-197

Produtos afetados

Centos

Hp-Ux

Java Platform

Java Se

Red Hat

Suse

PT-2012-3439 · Oracle+4 · Java Se+5

CVE-2012-1682

Identificadores relacionados

Produtos afetados

Referências · 395