Oracle Java SE Multiple Vulnerabilities
Last Update Date:
13 Jun 2012 15:10
Release Date:
13 Jun 2012
4262
Views
RISK: High Risk
TYPE: Operating Systems - Application Platforms
Multiple vulnerabilities have been identified in Oracle Java SE. A remote user can execute arbitrary code on the target system. A remote user can cause denial of service conditions. A local user can partially access and modify data and partially deny service on the target system.
- A remote user can send specially crafted data to execute arbitrary code on the target system or cause complete denial of service conditions. The 2D, Deployment, Hotspot, and Swing components are affected.
- A remote user can partially access and modify data and partially deny service on the target system. The CORBA component is affected.
- A remote user can partially access and modify data on the target system. The Libraries component is affected.
- A remote user can partially modify data on the target system. The CORBA component is affected.
- A remote user can partially deny service on the target system. The JAXP and security components are affected.
- A local user can partially access and modify data and partially deny service on the target system. The Networking component is affected.
Impact
- Denial of Service
- Remote Code Execution
- Information Disclosure
- Data Manipulation
System / Technologies affected
- Oracle Java SE versions 1.4.2_37 and prior, 5.0 Update 35 and prior, 6 Update 32 and prior, 7 Update 4 and prior
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- The vendor has issued a fix.
http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html
Vulnerability Identifier
- CVE-2012-1711
- CVE-2012-1713
- CVE-2012-1716
- CVE-2012-1717
- CVE-2012-1718
- CVE-2012-1719
- CVE-2012-1720
- CVE-2012-1721
- CVE-2012-1722
- CVE-2012-1723
- CVE-2012-1724
- CVE-2012-1725
- CVE-2012-1726
Source
Related Link
Share with