CVE-2012-3159

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1533.

CVSS Metrics

• v2.0•HIGH•Score: 7.5AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS Trends

Current EPSS score: 6.83%• Percentile: 91%

Affected Systems

• oracle•jdk

  ≤ 1.7.0 | 1.7.0 | 1.7.0:update1 | 1.7.0:update2 | 1.7.0:update3 | 1.7.0:update4 | 1.7.0:update5 | 1.7.0:update6 | ≤ 1.6.0 | 1.6.0:update22 | 1.6.0:update23 | 1.6.0:update24 | 1.6.0:update25 | 1.6.0:update26 | 1.6.0:update27 | 1.6.0:update29 | 1.6.0:update30 | 1.6.0:update31 | 1.6.0:update32 | 1.6.0:update33 | 1.6.0:update34

• oracle•jre

  ≤ 1.7.0 | 1.7.0 | 1.7.0:update1 | 1.7.0:update2 | 1.7.0:update3 | 1.7.0:update4 | 1.7.0:update5 | 1.7.0:update6 | ≤ 1.6.0 | 1.6.0:update22 | 1.6.0:update23 | 1.6.0:update24 | 1.6.0:update25 | 1.6.0:update26 | 1.6.0:update27 | 1.6.0:update29 | 1.6.0:update30 | 1.6.0:update31 | 1.6.0:update32 | 1.6.0:update33 | 1.6.0:update34

• sun•jdk

  1.6.0:update_10 | 1.6.0:update_11 | 1.6.0:update_12 | 1.6.0:update_13 | 1.6.0:update_14 | 1.6.0:update_15 | 1.6.0:update_16 | 1.6.0:update_17 | 1.6.0:update_18 | 1.6.0:update_19 | 1.6.0:update_3 | 1.6.0:update_4 | 1.6.0:update_5 | 1.6.0:update_6 | 1.6.0:update_7 | 1.6.0:update1 | 1.6.0:update1_b06 | 1.6.0:update2 | 1.6.0.200:update20 | 1.6.0.210:update21

• sun•jre

  1.6.0 | 1.6.0:update_1 | 1.6.0:update_10 | 1.6.0:update_11 | 1.6.0:update_12 | 1.6.0:update_13 | 1.6.0:update_14 | 1.6.0:update_15 | 1.6.0:update_16 | 1.6.0:update_17 | 1.6.0:update_18 | 1.6.0:update_19 | 1.6.0:update_2 | 1.6.0:update_20 | 1.6.0:update_21 | 1.6.0:update_3 | 1.6.0:update_4 | 1.6.0:update_5 | 1.6.0:update_6 | 1.6.0:update_7

References (23)

• http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html
• http://rhn.redhat.com/errata/RHSA-2012-1466.html
• http://secunia.com/advisories/51438
• http://marc.info/?l=bugtraq&m=135758563611658&w=2
• http://www-01.ibm.com/support/docview.wss?uid=swg21621154
• http://rhn.redhat.com/errata/RHSA-2013-1455.html
• http://rhn.redhat.com/errata/RHSA-2012-1391.html
• http://www-01.ibm.com/support/docview.wss?uid=swg21620037
• https://exchange.xforce.ibmcloud.com/vulnerabilities/79424
• http://secunia.com/advisories/51390
• http://rhn.redhat.com/errata/RHSA-2012-1392.html
• http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html
• http://www-01.ibm.com/support/docview.wss?uid=swg21616490
• http://secunia.com/advisories/51327
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16615
• http://rhn.redhat.com/errata/RHSA-2012-1467.html
• http://www-01.ibm.com/support/docview.wss?uid=swg21620575
• http://marc.info/?l=bugtraq&m=135542848327757&w=2
• http://www.securityfocus.com/bid/56072
• http://rhn.redhat.com/errata/RHSA-2013-1456.html
• http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
• http://secunia.com/advisories/51326
• http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf