| ID |
CVE-2012-1726
|
| Summary |
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*
-
cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
-
cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
-
cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
-
cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
-
cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
-
cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
-
cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
-
cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
-
cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
|
| CVSS |
| Base: | 6.4 (as of 19-09-2017 - 01:34) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-noinfo |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
PARTIAL |
NONE |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:P/A:N
|
| oval
via4
|
| accepted | 2013-06-10T04:01:28.449-04:00 | | class | vulnerability | | contributors | | name | Sergey Artykhov | | organization | ALTX-SOFT |
| | definition_extensions | | comment | Java SE Runtime Environment 7 is installed | | oval | oval:org.mitre.oval:def:16050 |
| | description | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. | | family | windows | | id | oval:org.mitre.oval:def:16699 | | status | accepted | | submitted | 2013-04-22T10:26:26.748+04:00 | | title | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Libraries) 7 update 4 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries. | | version | 5 |
|
| redhat
via4
|
| advisories | | bugzilla | | id | 829377 | | title | CVE-2012-1726 OpenJDK: java.lang.invoke.MethodHandles.Lookup does not honor access modes (Libraries, 7165628) |
| | oval | | OR | | comment | Red Hat Enterprise Linux must be installed | | oval | oval:com.redhat.rhba:tst:20070304026 |
| AND | | comment | Red Hat Enterprise Linux 6 is installed | | oval | oval:com.redhat.rhba:tst:20111656003 |
| OR | | AND | | comment | java-1.7.0-openjdk is earlier than 1:1.7.0.5-2.2.1.el6_3 | | oval | oval:com.redhat.rhsa:tst:20121009001 |
| comment | java-1.7.0-openjdk is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20121009002 |
|
| AND | | comment | java-1.7.0-openjdk-demo is earlier than 1:1.7.0.5-2.2.1.el6_3 | | oval | oval:com.redhat.rhsa:tst:20121009003 |
| comment | java-1.7.0-openjdk-demo is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20121009004 |
|
| AND | | comment | java-1.7.0-openjdk-devel is earlier than 1:1.7.0.5-2.2.1.el6_3 | | oval | oval:com.redhat.rhsa:tst:20121009005 |
| comment | java-1.7.0-openjdk-devel is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20121009006 |
|
| AND | | comment | java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.5-2.2.1.el6_3 | | oval | oval:com.redhat.rhsa:tst:20121009007 |
| comment | java-1.7.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20121009008 |
|
| AND | | comment | java-1.7.0-openjdk-src is earlier than 1:1.7.0.5-2.2.1.el6_3 | | oval | oval:com.redhat.rhsa:tst:20121009009 |
| comment | java-1.7.0-openjdk-src is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20121009010 |
|
|
|
|
| | rhsa | | id | RHSA-2012:1009 | | released | 2012-06-20 | | severity | Important | | title | RHSA-2012:1009: java-1.7.0-openjdk security and bug fix update (Important) |
|
| | rpms | - java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3
- java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3
- java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3
- java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3
- java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3
- java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3
- java-1.7.0-oracle-1:1.7.0.5-1jpp.1.el6
- java-1.7.0-oracle-devel-1:1.7.0.5-1jpp.1.el6
- java-1.7.0-oracle-jdbc-1:1.7.0.5-1jpp.1.el6
- java-1.7.0-oracle-plugin-1:1.7.0.5-1jpp.1.el6
- java-1.7.0-oracle-src-1:1.7.0.5-1jpp.1.el6
- java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3
- java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3
- java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3
- java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3
- java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3
- java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3
|
|
| refmap
via4
|
|
| Last major update |
19-09-2017 - 01:34 |
| Published |
16-06-2012 - 21:55 |
| Last modified |
19-09-2017 - 01:34 |
