CVE-2012-4301

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU.  NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from a third party that this issue allows remote attackers to execute arbitrary code via an "invalid type case" in the init method of the D3DShader class in the com.sun.prism.d3d package. CPU.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 89%
VendorProductVersion
oraclejavafx
𝑥
≤ 2.2.4
oraclejavafx
2.0
oraclejavafx
2.0.2
oraclejavafx
2.0.3
oraclejavafx
2.1
oraclejavafx
2.2
oraclejavafx
2.2.3
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openjdk-6
quantal
not-affected
precise
not-affected
oneiric
not-affected
lucid
not-affected
hardy
ignored
openjdk-6b18
quantal
dne
precise
dne
oneiric
ignored
lucid
ignored
hardy
dne
openjdk-7
quantal
not-affected
precise
not-affected
oneiric
not-affected
lucid
dne
hardy
dne
sun-java5
quantal
dne
precise
dne
oneiric
dne
lucid
dne
hardy
ignored
sun-java6
quantal
dne
precise
dne
oneiric
dne
lucid
dne
hardy
ignored
References
http://marc.info/?l=bugtraq&m=136733161405818&w=2
http://marc.info/?l=bugtraq&m=136733161405818&w=2
http://www.kb.cert.org/vuls/id/858729
http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html
http://www.us-cert.gov/cas/techalerts/TA13-032A.html
http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1027
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16180
http://marc.info/?l=bugtraq&m=136733161405818&w=2
http://marc.info/?l=bugtraq&m=136733161405818&w=2
http://www.kb.cert.org/vuls/id/858729
http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html
http://www.us-cert.gov/cas/techalerts/TA13-032A.html
http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1027
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16180