Vulnerability-Lookup

CVE-2012-1713 (GCVE-0-2012-1713)

Vulnerability from cvelistv5 – Published: 2012-06-16 21:00 – Updated: 2024-08-06 19:08

Summary

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Severity ?

No CVSS data available.

CWE

Assigner

oracle

References

21 references

URL	Tags
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://security.gentoo.org/glsa/glsa-201406-32.xml	vendor-advisoryx_refsource_GENTOO
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2012-0734.html	vendor-advisoryx_refsource_REDHAT
http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2012-1243.html	vendor-advisoryx_refsource_REDHAT
http://mail.openjdk.java.net/pipermail/distro-pkg…	mailing-listx_refsource_MLIST
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://secunia.com/advisories/50659	third-party-advisoryx_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=134496371727681&w=2	vendor-advisoryx_refsource_HP
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2013-1455.html	vendor-advisoryx_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
http://www.securityfocus.com/bid/53946	vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2013-1456.html	vendor-advisoryx_refsource_REDHAT
http://www.ibm.com/support/docview.wss?uid=swg21615246	x_refsource_CONFIRM
http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
http://secunia.com/advisories/51080	third-party-advisoryx_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=134496371727681&w=2	vendor-advisoryx_refsource_HP

Date Public ?

2012-06-12 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:08:37.522Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2012:1265",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html"
          },
          {
            "name": "GLSA-201406-32",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
          },
          {
            "name": "SUSE-SU-2012:1177",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html"
          },
          {
            "name": "SUSE-SU-2012:1231",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html"
          },
          {
            "name": "RHSA-2012:0734",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0734.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html"
          },
          {
            "name": "RHSA-2012:1243",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1243.html"
          },
          {
            "name": "[OpenJDK] 20120612 IcedTea6 1.10.8 \u0026 1.11.3 Released",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html"
          },
          {
            "name": "oval:org.mitre.oval:def:16502",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16502"
          },
          {
            "name": "50659",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/50659"
          },
          {
            "name": "SSRT100919",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134496371727681\u0026w=2"
          },
          {
            "name": "SUSE-SU-2012:1204",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html"
          },
          {
            "name": "RHSA-2013:1455",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
          },
          {
            "name": "MDVSA-2012:095",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:095"
          },
          {
            "name": "53946",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/53946"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
          },
          {
            "name": "RHSA-2013:1456",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21615246"
          },
          {
            "name": "MDVSA-2013:150",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
          },
          {
            "name": "51080",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51080"
          },
          {
            "name": "HPSBUX02805",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134496371727681\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-06-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-17T19:57:01.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "SUSE-SU-2012:1265",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html"
        },
        {
          "name": "GLSA-201406-32",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
        },
        {
          "name": "SUSE-SU-2012:1177",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html"
        },
        {
          "name": "SUSE-SU-2012:1231",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html"
        },
        {
          "name": "RHSA-2012:0734",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0734.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html"
        },
        {
          "name": "RHSA-2012:1243",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1243.html"
        },
        {
          "name": "[OpenJDK] 20120612 IcedTea6 1.10.8 \u0026 1.11.3 Released",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html"
        },
        {
          "name": "oval:org.mitre.oval:def:16502",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16502"
        },
        {
          "name": "50659",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/50659"
        },
        {
          "name": "SSRT100919",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134496371727681\u0026w=2"
        },
        {
          "name": "SUSE-SU-2012:1204",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html"
        },
        {
          "name": "RHSA-2013:1455",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
        },
        {
          "name": "MDVSA-2012:095",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:095"
        },
        {
          "name": "53946",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/53946"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
        },
        {
          "name": "RHSA-2013:1456",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21615246"
        },
        {
          "name": "MDVSA-2013:150",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
        },
        {
          "name": "51080",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51080"
        },
        {
          "name": "HPSBUX02805",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134496371727681\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2012-1713",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2012:1265",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html"
            },
            {
              "name": "GLSA-201406-32",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
            },
            {
              "name": "SUSE-SU-2012:1177",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html"
            },
            {
              "name": "SUSE-SU-2012:1231",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html"
            },
            {
              "name": "RHSA-2012:0734",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0734.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html"
            },
            {
              "name": "RHSA-2012:1243",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1243.html"
            },
            {
              "name": "[OpenJDK] 20120612 IcedTea6 1.10.8 \u0026 1.11.3 Released",
              "refsource": "MLIST",
              "url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html"
            },
            {
              "name": "oval:org.mitre.oval:def:16502",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16502"
            },
            {
              "name": "50659",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/50659"
            },
            {
              "name": "SSRT100919",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134496371727681\u0026w=2"
            },
            {
              "name": "SUSE-SU-2012:1204",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html"
            },
            {
              "name": "RHSA-2013:1455",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
            },
            {
              "name": "MDVSA-2012:095",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:095"
            },
            {
              "name": "53946",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/53946"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
            },
            {
              "name": "RHSA-2013:1456",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21615246",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21615246"
            },
            {
              "name": "MDVSA-2013:150",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
            },
            {
              "name": "51080",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51080"
            },
            {
              "name": "HPSBUX02805",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134496371727681\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2012-1713",
    "datePublished": "2012-06-16T21:00:00.000Z",
    "dateReserved": "2012-03-16T00:00:00.000Z",
    "dateUpdated": "2024-08-06T19:08:37.522Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2012-1713",
      "date": "2026-05-19",
      "epss": "0.0643",
      "percentile": "0.91155"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jdk:*:update4:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.7.0\", \"matchCriteriaId\": \"2D3162C7-575B-4AD4-B923-C97F5706349B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jre:*:update4:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.7.0\", \"matchCriteriaId\": \"404F6D28-CCE9-4767-8734-544274B4D086\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jdk:*:update32:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.6.0\", \"matchCriteriaId\": \"574A7ACD-243A-4136-AB02-B89EA97C884F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jre:*:update32:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.6.0\", \"matchCriteriaId\": \"179867A2-8221-4B8C-A04C-35FBA8EB07D5\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:*:update35:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.5.0\", \"matchCriteriaId\": \"222B2736-EBC3-400D-80BB-70464203A8BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:*:update35:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.5.0\", \"matchCriteriaId\": \"677FED6F-DDA1-45F7-900E-B98FECE04F7A\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jdk:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.4.2_37\", \"matchCriteriaId\": \"4DD9946E-3467-4D83-BB5B-E31AF6958EB5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.4.2_37\", \"matchCriteriaId\": \"9A452D1C-3C17-41D4-A930-34277A27A711\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:javafx:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.1\", \"matchCriteriaId\": \"A7BFB56B-FF03-4C7A-9049-19B97E791EBC\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad no especificada en el Java Runtime Environment (JRE), componente de Oracle Java SE 7 Update 4 y anteriores, 6 Update 32 y anteriores, 5 actualizaci\\u00f3n 35 y anteriores, v1.4.2_37 y anteriores, y JavaFX 2.1 y versiones anteriores permite a atacantes remotos afectar a la confidencialidad , la integridad y la disponibilidad a trav\\u00e9s de vectores desconocidos relacionados con el 2D.\"}]",
      "id": "CVE-2012-1713",
      "lastModified": "2024-11-21T01:37:31.117",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2012-06-16T21:55:03.157",
      "references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134496371727681\u0026w=2\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134496371727681\u0026w=2\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-0734.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-1243.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-1455.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-1456.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://secunia.com/advisories/50659\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://secunia.com/advisories/51080\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://security.gentoo.org/glsa/glsa-201406-32.xml\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.ibm.com/support/docview.wss?uid=swg21615246\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2012:095\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/53946\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16502\", \"source\": \"secalert_us@oracle.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134496371727681\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=134496371727681\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-0734.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-1243.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-1455.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-1456.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/50659\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/51080\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://security.gentoo.org/glsa/glsa-201406-32.xml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ibm.com/support/docview.wss?uid=swg21615246\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2012:095\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/53946\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16502\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "secalert_us@oracle.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2012-1713\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2012-06-16T21:55:03.157\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en el Java Runtime Environment (JRE), componente de Oracle Java SE 7 Update 4 y anteriores, 6 Update 32 y anteriores, 5 actualizaci\u00f3n 35 y anteriores, v1.4.2_37 y anteriores, y JavaFX 2.1 y versiones anteriores permite a atacantes remotos afectar a la confidencialidad , la integridad y la disponibilidad a trav\u00e9s de vectores desconocidos relacionados con el 2D.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:*:update4:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.7.0\",\"matchCriteriaId\":\"2D3162C7-575B-4AD4-B923-C97F5706349B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:*:update4:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.7.0\",\"matchCriteriaId\":\"404F6D28-CCE9-4767-8734-544274B4D086\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:*:update32:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.6.0\",\"matchCriteriaId\":\"574A7ACD-243A-4136-AB02-B89EA97C884F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:*:update32:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.6.0\",\"matchCriteriaId\":\"179867A2-8221-4B8C-A04C-35FBA8EB07D5\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:*:update35:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.5.0\",\"matchCriteriaId\":\"222B2736-EBC3-400D-80BB-70464203A8BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:*:update35:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.5.0\",\"matchCriteriaId\":\"677FED6F-DDA1-45F7-900E-B98FECE04F7A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jdk:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.4.2_37\",\"matchCriteriaId\":\"4DD9946E-3467-4D83-BB5B-E31AF6958EB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.4.2_37\",\"matchCriteriaId\":\"9A452D1C-3C17-41D4-A930-34277A27A711\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:javafx:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.1\",\"matchCriteriaId\":\"A7BFB56B-FF03-4C7A-9049-19B97E791EBC\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=134496371727681\u0026w=2\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-0734.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-1243.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1455.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1456.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://secunia.com/advisories/50659\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://secunia.com/advisories/51080\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-201406-32.xml\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.ibm.com/support/docview.wss?uid=swg21615246\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2012:095\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/53946\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16502\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=134496371727681\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-0734.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2012-1243.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1455.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1456.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/50659\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/51080\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security.gentoo.org/glsa/glsa-201406-32.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ibm.com/support/docview.wss?uid=swg21615246\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2012:095\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:150\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/53946\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16502\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTA-2012-AVI-331

Vulnerability from certfr_avis - Published: - Updated:

Quatorze vulnérabilités dont l'exploitation est assez simple ont été corrigées dans Oracle Java. Huit permettent d'exécuter du code arbitraire et quatre d'entre elles permettent un atteinte à la confidentialité et à l'authenticité des données au travers du réseau.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	N/A	Oracle JDK et JRE 5.0 (mise à jour 35) et antérieures ;
Oracle	N/A	Oracle SDK et JRE 1.4.2_37 et antérieures ;
Oracle	N/A	Oracle JavaFX 2.1 et antérieures.
Oracle	N/A	Oracle JDK et JRE 7 (mise à jour 4) et antérieures ;
Oracle	N/A	Oracle JDK et JRE 6 (mise à jour 32) et antérieures ;

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle du 13 juin 2012

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Oracle JDK et JRE 5.0 (mise \u00e0 jour 35) et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle SDK et JRE 1.4.2_37 et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle JavaFX 2.1 et ant\u00e9rieures.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle JDK et JRE 7 (mise \u00e0 jour 4) et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    },
    {
      "description": "Oracle JDK et JRE 6 (mise \u00e0 jour 32) et ant\u00e9rieures ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Oracle",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-1722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1722"
    },
    {
      "name": "CVE-2012-1719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1719"
    },
    {
      "name": "CVE-2012-1726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1726"
    },
    {
      "name": "CVE-2012-1721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1721"
    },
    {
      "name": "CVE-2012-1720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1720"
    },
    {
      "name": "CVE-2012-1724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1724"
    },
    {
      "name": "CVE-2012-1718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1718"
    },
    {
      "name": "CVE-2012-1723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1723"
    },
    {
      "name": "CVE-2012-1716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1716"
    },
    {
      "name": "CVE-2012-1711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1711"
    },
    {
      "name": "CVE-2012-1725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1725"
    },
    {
      "name": "CVE-2012-1717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1717"
    },
    {
      "name": "CVE-2012-0551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0551"
    },
    {
      "name": "CVE-2012-1713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1713"
    }
  ],
  "links": [],
  "reference": "CERTA-2012-AVI-331",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-06-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Quatorze vuln\u00e9rabilit\u00e9s dont l\u0027exploitation est assez simple ont \u00e9t\u00e9\ncorrig\u00e9es dans \u003cspan class=\"textit\"\u003eOracle Java\u003c/span\u003e. Huit permettent\nd\u0027ex\u00e9cuter du code arbitraire et quatre d\u0027entre elles permettent un\natteinte \u00e0 la confidentialit\u00e9 et \u00e0 l\u0027authenticit\u00e9 des donn\u00e9es au travers\ndu r\u00e9seau.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Java",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle du 13 juin 2012",
      "url": "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html"
    }
  ]
}

CERTA-2012-AVI-332

Vulnerability from certfr_avis - Published: - Updated:

Onze vulnérabilités ont été corrigées dans le moteur Java OS X. Les vulnérabilités sont identifiées et listées dans le bulletin de sécurité Oracle (cf. section Documentation). La majorité des vulnérabilités permettent une exécution de code à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	versions antérieures à Mac OS X 10.6 (mise à jour 9).
	N/A	N/A	Versions antérieures à OS X 2012-004 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Apple HT5319 du 12 juin 2012	None	vendor-advisory
Bulletin de sécurité Oracle du 13 juin 2012 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "versions ant\u00e9rieures \u00e0 Mac OS X 10.6 (mise \u00e0 jour 9).",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Versions ant\u00e9rieures \u00e0 OS X 2012-004 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-1722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1722"
    },
    {
      "name": "CVE-2012-1719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1719"
    },
    {
      "name": "CVE-2012-1721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1721"
    },
    {
      "name": "CVE-2012-1724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1724"
    },
    {
      "name": "CVE-2012-1718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1718"
    },
    {
      "name": "CVE-2012-1723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1723"
    },
    {
      "name": "CVE-2012-1716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1716"
    },
    {
      "name": "CVE-2012-1711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1711"
    },
    {
      "name": "CVE-2012-1725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1725"
    },
    {
      "name": "CVE-2012-0551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0551"
    },
    {
      "name": "CVE-2012-1713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1713"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle du 13 juin 2012 :",
      "url": "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html"
    }
  ],
  "reference": "CERTA-2012-AVI-332",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-06-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Onze vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le moteur \u003cspan\nclass=\"textit\"\u003eJava\u003c/span\u003e \u003cspan class=\"textit\"\u003eOS X\u003c/span\u003e. Les\nvuln\u00e9rabilit\u00e9s sont identifi\u00e9es et list\u00e9es dans le bulletin de s\u00e9curit\u00e9\n\u003cspan class=\"textit\"\u003eOracle\u003c/span\u003e (cf. section Documentation). La\nmajorit\u00e9 des vuln\u00e9rabilit\u00e9s permettent une ex\u00e9cution de code \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Mac OS X",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Apple HT5319 du 12 juin 2012",
      "url": "http://support.apple.com/kb/HT5319"
    }
  ]
}

CERTA-2012-AVI-452

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités ont été corrigées dans Java Runtime Evironment (JRE) et Java Developper Kit (JDK) pour HP-UX. Ces vulnérabilités permettent à un utilisateur malintentionné d'exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Java Runtime Evironment (JRE) et Java Developper Kit (JDK) versions 7.0.02 et 6.0.15 pour HP-UX versions B.11.11, B.11.23 et B.11.31.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité HP c03441075 du 13 août 2012

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eJava Runtime Evironment (JRE) et Java  Developper Kit (JDK) versions 7.0.02 et 6.0.15 pour HP-UX  versions B.11.11, B.11.23 et B.11.31.\u003c/p\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-1722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1722"
    },
    {
      "name": "CVE-2012-1719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1719"
    },
    {
      "name": "CVE-2012-1726",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1726"
    },
    {
      "name": "CVE-2012-1721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1721"
    },
    {
      "name": "CVE-2012-1720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1720"
    },
    {
      "name": "CVE-2012-1724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1724"
    },
    {
      "name": "CVE-2012-1718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1718"
    },
    {
      "name": "CVE-2012-1723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1723"
    },
    {
      "name": "CVE-2012-1716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1716"
    },
    {
      "name": "CVE-2012-1711",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1711"
    },
    {
      "name": "CVE-2012-1725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1725"
    },
    {
      "name": "CVE-2012-0551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0551"
    },
    {
      "name": "CVE-2012-1713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1713"
    },
    {
      "name": "CVE-2012-0508",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0508"
    }
  ],
  "links": [],
  "reference": "CERTA-2012-AVI-452",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-08-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eJava Runtime Evironment (JRE)\u003c/span\u003e et \u003cspan\nclass=\"textit\"\u003eJava Developper Kit (JDK)\u003c/span\u003e pour HP-UX. Ces\nvuln\u00e9rabilit\u00e9s permettent \u00e0 un utilisateur malintentionn\u00e9 d\u0027ex\u00e9cuter du\ncode arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Java pour HP-UX",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 HP c03441075 du 13 ao\u00fbt 2012",
      "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03441075"
    }
  ]
}

CERTA-2012-AVI-592

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans IBM DB2 QMF. La plus critique permet à un attaquant une atteinte à la confidentialité des données. Elle concerne le composant Java Runtime Environment (JRE).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

DB2 QMF version 10.1.5 et versions antérieures

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité IBM swg21614441 du 19 octobre 2012

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eDB2 QMF version 10.1.5 et versions ant\u00e9rieures\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-1722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1722"
    },
    {
      "name": "CVE-2012-1719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1719"
    },
    {
      "name": "CVE-2012-1721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1721"
    },
    {
      "name": "CVE-2012-1720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1720"
    },
    {
      "name": "CVE-2012-1718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1718"
    },
    {
      "name": "CVE-2012-1716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1716"
    },
    {
      "name": "CVE-2012-1725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1725"
    },
    {
      "name": "CVE-2012-1717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1717"
    },
    {
      "name": "CVE-2012-0551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0551"
    },
    {
      "name": "CVE-2012-1713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1713"
    }
  ],
  "links": [],
  "reference": "CERTA-2012-AVI-592",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-10-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eIBM DB2 QMF\u003c/span\u003e. La plus critique permet \u00e0 un\nattaquant une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es. Elle concerne\nle composant \u003cspan class=\"textit\"\u003eJava Runtime Environment\u003c/span\u003e (JRE).\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM DB2 QMF",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM swg21614441 du 19 octobre 2012",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21614441"
    }
  ]
}

CERTA-2012-AVI-607

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans IBM WebSphere. Certaines d'entre elles permettent à un attaquant une atteinte à l'intégrité et à la confidentialité des données. Elles concernent le composant JRE version 5.0 qui est intégré dans IBM WebSphere.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

IBM WebSphere MQ version 7.0.1 avec la JRE version 5.0

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité IBM swg21615246 du 25 octobre 2012

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eIBM WebSphere MQ version 7.0.1 avec la JRE version 5.0\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-1719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1719"
    },
    {
      "name": "CVE-2012-1720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1720"
    },
    {
      "name": "CVE-2012-1718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1718"
    },
    {
      "name": "CVE-2012-1723",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1723"
    },
    {
      "name": "CVE-2012-1716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1716"
    },
    {
      "name": "CVE-2012-1725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1725"
    },
    {
      "name": "CVE-2012-1717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1717"
    },
    {
      "name": "CVE-2012-1713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1713"
    }
  ],
  "links": [],
  "reference": "CERTA-2012-AVI-607",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-10-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eIBM WebSphere\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 et \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es. Elles concernent le composant \u003cspan class=\"textit\"\u003eJRE version\n5.0\u003c/span\u003e qui est int\u00e9gr\u00e9 dans \u003cspan class=\"textit\"\u003eIBM\nWebSphere\u003c/span\u003e.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM WebSphere MQ",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM swg21615246 du 25 octobre 2012",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615246"
    }
  ]
}

CERTA-2012-AVI-622

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité critique a été corrigée dans IBM Rational. Elle permet à un attaquant d'exécuter du code arbitraire au moyen d'une police de caractères spécialement conçue. La vulnérabilité concerne le composant Java.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	N/A	Versions antérieures à Rational Team Concert 3.0.1.5
IBM	N/A	Versions antérieures à Rational Requirements Composer 3.0.1.5
IBM	N/A	Versions antérieures à Rational Quality Manager 3.0.1.5

References

Title

Publication Time

Tags

Bulletin de sécurité IBM swg21615854 du 02 novembre 2012

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Versions ant\u00e9rieures \u00e0 Rational Team Concert 3.0.1.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Versions ant\u00e9rieures \u00e0 Rational Requirements Composer 3.0.1.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "Versions ant\u00e9rieures \u00e0 Rational Quality Manager 3.0.1.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-1713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1713"
    }
  ],
  "links": [],
  "reference": "CERTA-2012-AVI-622",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-11-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 critique a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eIBM\nRational\u003c/span\u003e. Elle permet \u00e0 un attaquant d\u0027ex\u00e9cuter du code\narbitraire au moyen d\u0027une police de caract\u00e8res sp\u00e9cialement con\u00e7ue. La\nvuln\u00e9rabilit\u00e9 concerne le composant \u003cspan class=\"textit\"\u003eJava\u003c/span\u003e.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans IBM Rational",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM swg21615854 du 02 novembre 2012",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615854"
    }
  ]
}

CERTA-2012-AVI-666

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans IBM IMS Audit Management Expert. Elles permettent à un attaquant de provoquer une atteinte à l'intégrité et à la confidentialité des données. Elles concernent le composant JRE version 5.0.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

IBM IMS Audit Management Expert pour z/OS version 1.2

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité IBM swg21617572 du 15 novembre 2012	None	vendor-advisory
Bulletin de sécurité IBM swg1PM65379 du 15 novembre 2012	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eIBM IMS Audit Management Expert pour z/OS version 1.2\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-1719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1719"
    },
    {
      "name": "CVE-2012-1720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1720"
    },
    {
      "name": "CVE-2012-1718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1718"
    },
    {
      "name": "CVE-2012-1716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1716"
    },
    {
      "name": "CVE-2012-1725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1725"
    },
    {
      "name": "CVE-2012-1717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1717"
    },
    {
      "name": "CVE-2012-1713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1713"
    }
  ],
  "links": [],
  "reference": "CERTA-2012-AVI-666",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-11-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eIBM IMS Audit Management Expert\u003c/span\u003e. Elles permettent\n\u00e0 un attaquant de provoquer une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 et \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es. Elles concernent le composant \u003cspan\nclass=\"textit\"\u003eJRE\u003c/span\u003e version 5.0.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM IMS Audit Management Expert",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM swg21617572 du 15 novembre 2012",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM65379"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM swg1PM65379 du 15 novembre 2012",
      "url": null
    }
  ]
}

CERTA-2012-AVI-675

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans IBM Security AppScan Source. Elles permettent à un attaquant de provoquer un déni de service à distance, et une atteinte à l'intégrité et à la confidentialité des données. Elles concernent le composant Java Runtime Environment.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

IBM Security AppScan Source versions antérieures à 8.6.0.2

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité IBM swg21616184 du 21 novembre 2012

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eIBM Security AppScan Source versions ant\u00e9rieures \u00e0 8.6.0.2\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-1724",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1724"
    },
    {
      "name": "CVE-2012-1718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1718"
    },
    {
      "name": "CVE-2012-1713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1713"
    }
  ],
  "links": [],
  "reference": "CERTA-2012-AVI-675",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-11-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eIBM Security AppScan Source\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service \u00e0 distance, et une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 et \u00e0 la confidentialit\u00e9 des donn\u00e9es. Elles concernent le\ncomposant \u003cspan class=\"textit\"\u003eJava Runtime Environment\u003c/span\u003e.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM Security AppScan Source",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM swg21616184 du 21 novembre 2012",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616184"
    }
  ]
}

CERTA-2012-AVI-694

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans IBM DOORS Web Access. Elles permettent à un attaquant de provoquer un déni de service à distance, et une atteinte à l'intégrité et à la confidentialité des données. Elles concernent le composant Java Runtime Environment.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

IBM DOORS Web Access versions antérieures à 9.5

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité IBM swg21617984 du 29 novembre 2012

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eIBM DOORS Web Access versions ant\u00e9rieures \u00e0 9.5\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-1722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1722"
    },
    {
      "name": "CVE-2012-1719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1719"
    },
    {
      "name": "CVE-2012-1721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1721"
    },
    {
      "name": "CVE-2012-1720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1720"
    },
    {
      "name": "CVE-2012-1718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1718"
    },
    {
      "name": "CVE-2012-1716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1716"
    },
    {
      "name": "CVE-2012-1725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1725"
    },
    {
      "name": "CVE-2012-1717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1717"
    },
    {
      "name": "CVE-2012-0551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0551"
    },
    {
      "name": "CVE-2012-1713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1713"
    }
  ],
  "links": [],
  "reference": "CERTA-2012-AVI-694",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-12-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eIBM DOORS Web Access\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service \u00e0 distance, et une atteinte \u00e0\nl\u0027int\u00e9grit\u00e9 et \u00e0 la confidentialit\u00e9 des donn\u00e9es. Elles concernent le\ncomposant \u003cspan class=\"textit\"\u003eJava Runtime Environment\u003c/span\u003e.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM DOORS Web Access",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM swg21617984 du 29 novembre 2012",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21617984"
    }
  ]
}

CERTA-2012-AVI-762

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits IBM Rational. Elles concernent le composant Java et peuvent mener un utilisateur malintentionné à exécuter du code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	N/A	IBM Rational Method Composer version 7.5.2.1
IBM	N/A	IBM Rational Synergy version 7.1
IBM	N/A	IBM Rational Synergy version 7.1.0.4
IBM	N/A	IBM Rational Synergy version 7.1.0.5
IBM	N/A	IBM Rational Synergy version 7.1.0.6
IBM	N/A	IBM Rational Synergy version 7.1.0.1
IBM	N/A	IBM Rational System Architect versions antérieures à 11.4.2.2
IBM	N/A	IBM Rational Synergy version 7.1.0.2
IBM	N/A	IBM Rational Synergy version 7.1.0.3

References

Title

Publication Time

Tags

Bulletin de sécurité IBM swg21618977 du 20 décembre 2012	None	vendor-advisory
Bulletin de sécurité IBM swg21620037	None	vendor-advisory
Bulletin de sécurité IBM swg21620862 du 21 décembre 2012	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "IBM Rational Method Composer version 7.5.2.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Rational Synergy version 7.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Rational Synergy version 7.1.0.4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Rational Synergy version 7.1.0.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Rational Synergy version 7.1.0.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Rational Synergy version 7.1.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Rational System Architect versions ant\u00e9rieures \u00e0 11.4.2.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Rational Synergy version 7.1.0.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    },
    {
      "description": "IBM Rational Synergy version 7.1.0.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "IBM",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-1722",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1722"
    },
    {
      "name": "CVE-2012-1719",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1719"
    },
    {
      "name": "CVE-2012-3159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3159"
    },
    {
      "name": "CVE-2012-1533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1533"
    },
    {
      "name": "CVE-2012-1531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1531"
    },
    {
      "name": "CVE-2012-3216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3216"
    },
    {
      "name": "CVE-2012-5081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5081"
    },
    {
      "name": "CVE-2012-5083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5083"
    },
    {
      "name": "CVE-2012-1721",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1721"
    },
    {
      "name": "CVE-2012-1720",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1720"
    },
    {
      "name": "CVE-2012-1718",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1718"
    },
    {
      "name": "CVE-2012-5072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5072"
    },
    {
      "name": "CVE-2012-5079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5079"
    },
    {
      "name": "CVE-2012-5075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5075"
    },
    {
      "name": "CVE-2012-5071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5071"
    },
    {
      "name": "CVE-2012-1716",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1716"
    },
    {
      "name": "CVE-2012-5073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5073"
    },
    {
      "name": "CVE-2012-5084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5084"
    },
    {
      "name": "CVE-2012-1725",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1725"
    },
    {
      "name": "CVE-2012-5089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5089"
    },
    {
      "name": "CVE-2012-3143",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3143"
    },
    {
      "name": "CVE-2012-1717",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1717"
    },
    {
      "name": "CVE-2012-5069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5069"
    },
    {
      "name": "CVE-2012-5068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5068"
    },
    {
      "name": "CVE-2012-4416",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-4416"
    },
    {
      "name": "CVE-2012-1532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1532"
    },
    {
      "name": "CVE-2012-0551",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-0551"
    },
    {
      "name": "CVE-2012-1713",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-1713"
    }
  ],
  "links": [],
  "reference": "CERTA-2012-AVI-762",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2012-12-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eIBM Rational\u003c/span\u003e. Elles concernent le composant \u003cspan\nclass=\"textit\"\u003eJava\u003c/span\u003e et peuvent mener un utilisateur\nmalintentionn\u00e9 \u00e0 ex\u00e9cuter du code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM Rational",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM swg21618977 du 20 d\u00e9cembre 2012",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21618977"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM swg21620037",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21620037"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 IBM swg21620862 du 21 d\u00e9cembre 2012",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21620862"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2012-1713 (GCVE-0-2012-1713)

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Tags

Sightings

Nomenclature