ID CVE-2012-1720
Summary Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier, when running on Solaris, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Networking.
References
Vulnerable Configurations
  • Oracle JRE 1.7.0 Update 4
    cpe:2.3:a:oracle:jre:1.7.0:update4
  • Oracle JDK 1.7.0 Update 4
    cpe:2.3:a:oracle:jdk:1.7.0:update4
  • Oracle JRE 1.6.0 Update 32
    cpe:2.3:a:oracle:jre:1.6.0:update_32
  • Oracle JDK 1.6.0 Update 32
    cpe:2.3:a:oracle:jdk:1.6.0:update_32
  • cpe:2.3:a:sun:jre:1.5.0:update35
    cpe:2.3:a:sun:jre:1.5.0:update35
  • cpe:2.3:a:sun:jdk:1.5.0:update35
    cpe:2.3:a:sun:jdk:1.5.0:update35
  • Sun JRE 1.4.2_37
    cpe:2.3:a:sun:jre:1.4.2_37
  • Sun JDK 1.4.2_37
    cpe:2.3:a:sun:jdk:1.4.2_37
CVSS
Base: 3.7 (as of 18-06-2012 - 15:59)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Misc.
    NASL id ORACLE_JAVA_CPU_JUN_2012_UNIX.NASL
    description The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is earlier than 7 Update 5 / 6 Update 33 / 5.0 Update 36 / 1.4.2_38 and is, therefore, potentially affected by security issues in the following components : - 2D - Deployment - Hotspot - Swing - CORBA - Libraries - JAXP - Security - Networking - Java Runtime Environment
    last seen 2018-09-01
    modified 2018-07-18
    plugin id 64848
    published 2013-02-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=64848
    title Oracle Java SE Multiple Vulnerabilities (June 2012 CPU) (Unix)
  • NASL family Windows
    NASL id VMWARE_VCENTER_UPDATE_MGR_VMSA-2012-0013.NASL
    description The version of VMware vCenter Update Manager installed on the remote Windows host is 4.0 earlier than Update 4a, or 4.1 earlier than Update 3. Such versions use a version of the Oracle JRE 1.5 that is affected by multiple vulnerabilities.
    last seen 2018-09-01
    modified 2018-08-06
    plugin id 66909
    published 2013-06-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66909
    title VMware vCenter Update Manager Multiple Vulnerabilities (VMSA-2012-0013)
  • NASL family Windows
    NASL id ORACLE_JAVA_CPU_JUN_2012.NASL
    description The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is earlier than 7 Update 5 / 6 Update 33 / 5.0 Update 36 / 1.4.2_38 and is, therefore, potentially affected by security issues in the following components : - 2D - Deployment - Hotspot - Swing - CORBA - Libraries - JAXP - Security - Networking - Java Runtime Environment
    last seen 2018-09-01
    modified 2018-07-18
    plugin id 59462
    published 2012-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=59462
    title Oracle Java SE Multiple Vulnerabilities (June 2012 CPU)
  • NASL family Misc.
    NASL id VMWARE_VCENTER_VMSA-2012-0013.NASL
    description The version of VMware vCenter installed on the remote host is 4.0 earlier than Update 4a, 4.1 earlier than Update 3, or 5.0 earlier than Update 2. As such, it is potentially affected by multiple vulnerabilities in the included Oracle (Sun) Java Runtime Environment.
    last seen 2018-09-01
    modified 2018-08-06
    plugin id 66806
    published 2013-06-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66806
    title VMware vCenter Multiple Vulnerabilities (VMSA-2012-0013)
oval via4
accepted 2015-03-23T04:00:54.197-04:00
class vulnerability
contributors
  • name Sergey Artykhov
    organization ALTX-SOFT
  • name Maria Mikhno
    organization ALTX-SOFT
definition_extensions
  • comment Java SE Runtime Environment 4 is installed
    oval oval:org.mitre.oval:def:16482
  • comment Java SE Runtime Environment 5 is installed
    oval oval:org.mitre.oval:def:15748
  • comment Java SE Runtime Environment 6 is installed
    oval oval:org.mitre.oval:def:16362
  • comment Java SE Runtime Environment 7 is installed
    oval oval:org.mitre.oval:def:16050
description Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier, when running on Solaris, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Networking.
family windows
id oval:org.mitre.oval:def:16581
status accepted
submitted 2013-04-22T10:26:26.748+04:00
title Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Networking) 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier, when running on Solaris, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Networking.
version 9
refmap via4
bid 53956
confirm
hp
  • HPSBUX02805
  • SSRT100919
mandriva MDVSA-2013:150
secunia 51080
vmware via4
description The Oracle (Sun) JRE is updated to 1.5.0_36 to address multiple security issues. Oracle has documented the CVE identifiers that are addressed in JRE 1.5.0_36 in the Oracle Java SE Critical Patch Update Advisory for June 2012.
id VMSA-2012-0013
last_updated 2012-12-20T00:00:00
published 2012-08-30T00:00:00
title vCenter Update Manager update to JRE 1.5.0 Update 36
Last major update 02-11-2013 - 23:23
Published 16-06-2012 - 17:55
Last modified 18-09-2017 - 21:34
Back to Top