CVE-2012-0551

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE 7 update 4 and earlier and 6 update 32 and earlier, and the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Container or Deployment.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Affected Products (NVD)
VendorProductVersion
oracleglassfish_server
3.1.1
oraclejdk
𝑥
≤ 1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejre
𝑥
≤ 1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
oraclejdk
𝑥
≤ 1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejre
𝑥
≤ 1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
𝑥
= Vulnerable software versions
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
java-1.6.0-ibm
RHEL 6
1:1.6.0.11.0-1jpp.1.el6_3
fixed
java-1.6.0-ibm-demo
RHEL 6
1:1.6.0.11.0-1jpp.1.el6_3
fixed
java-1.6.0-ibm-devel
RHEL 6
1:1.6.0.11.0-1jpp.1.el6_3
fixed
java-1.6.0-ibm-javacomm
RHEL 6
1:1.6.0.11.0-1jpp.1.el6_3
fixed
java-1.6.0-ibm-jdbc
RHEL 6
1:1.6.0.11.0-1jpp.1.el6_3
fixed
java-1.6.0-ibm-plugin
RHEL 6
1:1.6.0.11.0-1jpp.1.el6_3
fixed
java-1.6.0-ibm-src
RHEL 6
1:1.6.0.11.0-1jpp.1.el6_3
fixed
java-1.6.0-sun
RHEL 6
1:1.6.0.33-1jpp.1.el6_2
fixed
java-1.6.0-sun-demo
RHEL 6
1:1.6.0.33-1jpp.1.el6_2
fixed
java-1.6.0-sun-devel
RHEL 6
1:1.6.0.33-1jpp.1.el6_2
fixed
java-1.6.0-sun-jdbc
RHEL 6
1:1.6.0.33-1jpp.1.el6_2
fixed
java-1.6.0-sun-plugin
RHEL 6
1:1.6.0.33-1jpp.1.el6_2
fixed
java-1.6.0-sun-src
RHEL 6
1:1.6.0.33-1jpp.1.el6_2
fixed
java-1.7.0-ibm
RHEL 6
1:1.7.0.2.0-1jpp.3.el6_3
fixed
java-1.7.0-ibm-demo
RHEL 6
1:1.7.0.2.0-1jpp.3.el6_3
fixed
java-1.7.0-ibm-devel
RHEL 6
1:1.7.0.2.0-1jpp.3.el6_3
fixed
java-1.7.0-ibm-jdbc
RHEL 6
1:1.7.0.2.0-1jpp.3.el6_3
fixed
java-1.7.0-ibm-plugin
RHEL 6
1:1.7.0.2.0-1jpp.3.el6_3
fixed
java-1.7.0-ibm-src
RHEL 6
1:1.7.0.2.0-1jpp.3.el6_3
fixed
java-1.7.0-oracle
RHEL 6
1:1.7.0.5-1jpp.1.el6
fixed
java-1.7.0-oracle-devel
RHEL 6
1:1.7.0.5-1jpp.1.el6
fixed
java-1.7.0-oracle-jdbc
RHEL 6
1:1.7.0.5-1jpp.1.el6
fixed
java-1.7.0-oracle-plugin
RHEL 6
1:1.7.0.5-1jpp.1.el6
fixed
java-1.7.0-oracle-src
RHEL 6
1:1.7.0.5-1jpp.1.el6
fixed
References
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html
http://marc.info/?l=bugtraq&m=134496371727681&w=2
http://rhn.redhat.com/errata/RHSA-2012-0734.html
http://rhn.redhat.com/errata/RHSA-2013-1455.html
http://rhn.redhat.com/errata/RHSA-2013-1456.html
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html
http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html
http://www.securityfocus.com/bid/53136
http://www.securitytracker.com/id?1026941
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16707
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html
http://marc.info/?l=bugtraq&m=134496371727681&w=2
http://rhn.redhat.com/errata/RHSA-2012-0734.html
http://rhn.redhat.com/errata/RHSA-2013-1455.html
http://rhn.redhat.com/errata/RHSA-2013-1456.html
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html
http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html
http://www.securityfocus.com/bid/53136
http://www.securitytracker.com/id?1026941
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16707