CVE-2011-3571

Unspecified vulnerability in the Virtual Desktop Infrastructure (VDI) component in Oracle Virtualization 3.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Session.  NOTE: this CVE identifier was accidentally used for a Concurrency issue in Java Runtime Environment, but that issue has been reassigned to CVE-2012-0507.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.6 UNKNOWN
NETWORK
HIGH
AV:N/AC:H/Au:S/C:P/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
Affected Products (NVD)
VendorProductVersion
oraclevirtualization
3.2
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
virtualbox
hardy
dne
lucid
dne
maverick
dne
natty
dne
oneiric
ignored
precise
not-affected
quantal
not-affected
raring
ignored
saucy
not-affected
virtualbox-ose
hardy
ignored
lucid
ignored
maverick
ignored
natty
ignored
oneiric
dne
precise
dne
quantal
dne
raring
dne
saucy
dne
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
java-1_7_0-openjdk
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12 SP2
1.7.0.111-33.1
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-demo
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12 SP2
1.7.0.111-33.1
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-devel
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12 SP2
1.7.0.111-33.1
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-headless
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12 SP2
1.7.0.111-33.1
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
java-1.6.0-openjdk
RHEL 6
1:1.6.0.0-1.43.1.10.6.el6_2
fixed
java-1.6.0-openjdk-demo
RHEL 6
1:1.6.0.0-1.43.1.10.6.el6_2
fixed
java-1.6.0-openjdk-devel
RHEL 6
1:1.6.0.0-1.43.1.10.6.el6_2
fixed
java-1.6.0-openjdk-javadoc
RHEL 6
1:1.6.0.0-1.43.1.10.6.el6_2
fixed
java-1.6.0-openjdk-src
RHEL 6
1:1.6.0.0-1.43.1.10.6.el6_2
fixed
java-1.6.0-sun
RHEL 6
1:1.6.0.31-1jpp.1.el6_2
fixed
java-1.6.0-sun-demo
RHEL 6
1:1.6.0.31-1jpp.1.el6_2
fixed
java-1.6.0-sun-devel
RHEL 6
1:1.6.0.31-1jpp.1.el6_2
fixed
java-1.6.0-sun-jdbc
RHEL 6
1:1.6.0.31-1jpp.1.el6_2
fixed
java-1.6.0-sun-plugin
RHEL 6
1:1.6.0.31-1jpp.1.el6_2
fixed
java-1.6.0-sun-src
RHEL 6
1:1.6.0.31-1jpp.1.el6_2
fixed
References
http://lists.opensuse.org/opensuse-updates/2012-10/msg00041.html
http://secunia.com/advisories/48073
http://secunia.com/advisories/48074
http://secunia.com/advisories/50897
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
http://lists.opensuse.org/opensuse-updates/2012-10/msg00041.html
http://secunia.com/advisories/48073
http://secunia.com/advisories/48074
http://secunia.com/advisories/50897
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html