CVE-2012-1718 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:N/I:N/A:P

Base Score

CVSS 3.x

EPSS Score

Percentile: 90%

Affected Products (NVD)

Vendor	Product	Version
oracle	jdk	𝑥 ≤ 1.7.0
oracle	jre	𝑥 ≤ 1.7.0
oracle	jdk	𝑥 ≤ 1.6.0
oracle	jre	𝑥 ≤ 1.6.0
sun	jdk	𝑥 ≤ 1.5.0
sun	jre	𝑥 ≤ 1.5.0
sun	jdk	𝑥 ≤ 1.4.2_37
sun	jre	𝑥 ≤ 1.4.2_37

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

icedtea-web

hardy	dne
lucid	not-affected
natty	not-affected
oneiric	not-affected
precise	not-affected
quantal	not-affected

openjdk-6

hardy	Fixed 6b27-1.12.3-0ubuntu1~08.04.1 released
lucid	Fixed 6b24-1.11.3-1ubuntu0.10.04.1 released
natty	Fixed 6b24-1.11.3-1ubuntu0.11.04.1 released
oneiric	Fixed 6b24-1.11.3-1ubuntu0.11.10.1 released
precise	Fixed 6b24-1.11.3-1ubuntu0.12.04.1 released
quantal	not-affected

openjdk-6b18

hardy	dne
lucid	ignored
natty	ignored
oneiric	ignored
precise	dne
quantal	dne

openjdk-7

hardy	dne
lucid	dne
natty	dne
oneiric	Fixed 7u9-2.3.3-0ubuntu1~11.10.1 released
precise	not-affected
quantal	not-affected

sun-java5

hardy	ignored
lucid	dne
natty	dne
oneiric	dne
precise	dne
quantal	dne

sun-java6

hardy	ignored
lucid	dne
natty	dne
oneiric	dne
precise	dne
quantal	dne

openSUSE / SLES Releases

openSUSE Product

Release

java-1_7_0-openjdk

suse enterprise sap 12 SP5	1.7.0.231-43.27.2 fixed
suse enterprise server 12 SP2	1.7.0.111-33.1 fixed
suse enterprise server 12 SP5	1.7.0.231-43.27.2 fixed

java-1_7_0-openjdk-demo

suse enterprise sap 12 SP5	1.7.0.231-43.27.2 fixed
suse enterprise server 12 SP2	1.7.0.111-33.1 fixed
suse enterprise server 12 SP5	1.7.0.231-43.27.2 fixed

java-1_7_0-openjdk-devel

suse enterprise sap 12 SP5	1.7.0.231-43.27.2 fixed
suse enterprise server 12 SP2	1.7.0.111-33.1 fixed
suse enterprise server 12 SP5	1.7.0.231-43.27.2 fixed

java-1_7_0-openjdk-headless

suse enterprise sap 12 SP5	1.7.0.231-43.27.2 fixed
suse enterprise server 12 SP2	1.7.0.111-33.1 fixed
suse enterprise server 12 SP5	1.7.0.231-43.27.2 fixed

Red Hat Enterprise Linux Releases

Red Hat Product

Release

java-1.5.0-ibm

RHEL 6

1:1.5.0.14.0-1jpp.1.el6_3

fixed

java-1.5.0-ibm-demo

RHEL 6

1:1.5.0.14.0-1jpp.1.el6_3

fixed

java-1.5.0-ibm-devel

RHEL 6

1:1.5.0.14.0-1jpp.1.el6_3

fixed

java-1.5.0-ibm-javacomm

RHEL 6

1:1.5.0.14.0-1jpp.1.el6_3

fixed

java-1.5.0-ibm-jdbc

RHEL 6

1:1.5.0.14.0-1jpp.1.el6_3

fixed

java-1.5.0-ibm-plugin

RHEL 6

1:1.5.0.14.0-1jpp.1.el6_3

fixed

java-1.5.0-ibm-src

RHEL 6

1:1.5.0.14.0-1jpp.1.el6_3

fixed

java-1.6.0-ibm

RHEL 6

1:1.6.0.11.0-1jpp.1.el6_3

fixed

java-1.6.0-ibm-demo

RHEL 6

1:1.6.0.11.0-1jpp.1.el6_3

fixed

java-1.6.0-ibm-devel

RHEL 6

1:1.6.0.11.0-1jpp.1.el6_3

fixed

java-1.6.0-ibm-javacomm

RHEL 6

1:1.6.0.11.0-1jpp.1.el6_3

fixed

java-1.6.0-ibm-jdbc

RHEL 6

1:1.6.0.11.0-1jpp.1.el6_3

fixed

java-1.6.0-ibm-plugin

RHEL 6

1:1.6.0.11.0-1jpp.1.el6_3

fixed

java-1.6.0-ibm-src

RHEL 6

1:1.6.0.11.0-1jpp.1.el6_3

fixed

java-1.6.0-openjdk

RHEL 6

1:1.6.0.0-1.48.1.11.3.el6_2

fixed

java-1.6.0-openjdk-demo

RHEL 6

1:1.6.0.0-1.48.1.11.3.el6_2

fixed

java-1.6.0-openjdk-devel

RHEL 6

1:1.6.0.0-1.48.1.11.3.el6_2

fixed

java-1.6.0-openjdk-javadoc

RHEL 6

1:1.6.0.0-1.48.1.11.3.el6_2

fixed

java-1.6.0-openjdk-src

RHEL 6

1:1.6.0.0-1.48.1.11.3.el6_2

fixed

java-1.6.0-sun

RHEL 6

1:1.6.0.33-1jpp.1.el6_2

fixed

java-1.6.0-sun-demo

RHEL 6

1:1.6.0.33-1jpp.1.el6_2

fixed

java-1.6.0-sun-devel

RHEL 6

1:1.6.0.33-1jpp.1.el6_2

fixed

java-1.6.0-sun-jdbc

RHEL 6

1:1.6.0.33-1jpp.1.el6_2

fixed

java-1.6.0-sun-plugin

RHEL 6

1:1.6.0.33-1jpp.1.el6_2

fixed

java-1.6.0-sun-src

RHEL 6

1:1.6.0.33-1jpp.1.el6_2

fixed

java-1.7.0-ibm

RHEL 6

1:1.7.0.3.0-1jpp.2.el6_3

fixed

java-1.7.0-ibm-demo

RHEL 6

1:1.7.0.3.0-1jpp.2.el6_3

fixed

java-1.7.0-ibm-devel

RHEL 6

1:1.7.0.3.0-1jpp.2.el6_3

fixed

java-1.7.0-ibm-jdbc

RHEL 6

1:1.7.0.3.0-1jpp.2.el6_3

fixed

java-1.7.0-ibm-plugin

RHEL 6

1:1.7.0.3.0-1jpp.2.el6_3

fixed

java-1.7.0-ibm-src

RHEL 6

1:1.7.0.3.0-1jpp.2.el6_3

fixed

java-1.7.0-openjdk

RHEL 6

1:1.7.0.5-2.2.1.el6_3

fixed

java-1.7.0-openjdk-demo

RHEL 6

1:1.7.0.5-2.2.1.el6_3

fixed

java-1.7.0-openjdk-devel

RHEL 6

1:1.7.0.5-2.2.1.el6_3

fixed

java-1.7.0-openjdk-javadoc

RHEL 6

1:1.7.0.5-2.2.1.el6_3

fixed

java-1.7.0-openjdk-src

RHEL 6

1:1.7.0.5-2.2.1.el6_3

fixed

java-1.7.0-oracle

RHEL 6

1:1.7.0.5-1jpp.1.el6

fixed

java-1.7.0-oracle-devel

RHEL 6

1:1.7.0.5-1jpp.1.el6

fixed

java-1.7.0-oracle-jdbc

RHEL 6

1:1.7.0.5-1jpp.1.el6

fixed

java-1.7.0-oracle-plugin

RHEL 6

1:1.7.0.5-1jpp.1.el6

fixed

java-1.7.0-oracle-src

RHEL 6

1:1.7.0.5-1jpp.1.el6

fixed

References

http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html

http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html

http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html

http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html

http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html

http://marc.info/?l=bugtraq&m=134496371727681&w=2

http://rhn.redhat.com/errata/RHSA-2012-0734.html

http://rhn.redhat.com/errata/RHSA-2012-1243.html

http://rhn.redhat.com/errata/RHSA-2012-1467.html

http://rhn.redhat.com/errata/RHSA-2013-1455.html

http://rhn.redhat.com/errata/RHSA-2013-1456.html

http://secunia.com/advisories/50659

http://secunia.com/advisories/51080

http://secunia.com/advisories/51326

http://security.gentoo.org/glsa/glsa-201406-32.xml

http://www-01.ibm.com/support/docview.wss?uid=swg21620575

http://www.ibm.com/support/docview.wss?uid=swg21615246

http://www.mandriva.com/security/advisories?name=MDVSA-2012:095

http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html

http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html

http://www.securityfocus.com/bid/53951

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15923

http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html

http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html

http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html

http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html

http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html

http://marc.info/?l=bugtraq&m=134496371727681&w=2

http://rhn.redhat.com/errata/RHSA-2012-0734.html

http://rhn.redhat.com/errata/RHSA-2012-1243.html

http://rhn.redhat.com/errata/RHSA-2012-1467.html

http://rhn.redhat.com/errata/RHSA-2013-1455.html

http://rhn.redhat.com/errata/RHSA-2013-1456.html

http://secunia.com/advisories/50659

http://secunia.com/advisories/51080

http://secunia.com/advisories/51326

http://security.gentoo.org/glsa/glsa-201406-32.xml

http://www-01.ibm.com/support/docview.wss?uid=swg21620575

http://www.ibm.com/support/docview.wss?uid=swg21615246

http://www.mandriva.com/security/advisories?name=MDVSA-2012:095

http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html

http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html

http://www.securityfocus.com/bid/53951

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15923