exploit the possibilities
Showing 1 - 14 of 14 RSS Feed

CVE-2012-1682

Status Candidate

Overview

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder."

Related Files

Gentoo Linux Security Advisory 201401-30
Posted Jan 27, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201401-30 - Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact. Versions less than or equal to 1.6.0.45 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2011-3563, CVE-2011-5035, CVE-2012-0497, CVE-2012-0498, CVE-2012-0499, CVE-2012-0500, CVE-2012-0501, CVE-2012-0502, CVE-2012-0503, CVE-2012-0504, CVE-2012-0505, CVE-2012-0506, CVE-2012-0507, CVE-2012-0547, CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-1541, CVE-2012-1682, CVE-2012-1711, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1718, CVE-2012-1719, CVE-2012-1721, CVE-2012-1722, CVE-2012-1723
MD5 | 48881d493fbb8febb2b7809ba22310b7
Red Hat Security Advisory 2013-1456-01
Posted Oct 23, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1456-01 - This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Network Satellite Server 5.5. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. Several flaws were fixed in the IBM Java 2 Runtime Environment.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2012-0547, CVE-2012-0551, CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-1541, CVE-2012-1682, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1718, CVE-2012-1719, CVE-2012-1721, CVE-2012-1722, CVE-2012-1725, CVE-2012-3143, CVE-2012-3159, CVE-2012-3213, CVE-2012-3216, CVE-2012-3342, CVE-2012-4820, CVE-2012-4822, CVE-2012-4823, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073
MD5 | 74ee3e4f4378bbcb332594e8adee782f
Zero Day Initiative Advisory 12-197
Posted Dec 22, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-197 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the java.beans.Expression class. Due to unsafe handling of reflection of privileged classes inside the Expression class it is possible for untrusted code to gain access to privileged methods and properties. This can result in remote code execution under the context of the current process.

tags | advisory, java, remote, arbitrary, code execution
advisories | CVE-2012-1682
MD5 | 132ba214535b200f9973186aaa773eb2
Red Hat Security Advisory 2012-1466-01
Posted Nov 16, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1466-01 - IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2012-0547, CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-1682, CVE-2012-3143, CVE-2012-3159, CVE-2012-3216, CVE-2012-4820, CVE-2012-4822, CVE-2012-4823, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5079, CVE-2012-5081, CVE-2012-5083, CVE-2012-5084, CVE-2012-5089
MD5 | 25c2263d44d7a5d1b46052fbfcf757a7
HP Security Bulletin HPSBUX02824 SSRT100970 2
Posted Nov 2, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02824 SSRT100970 2 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX.These vulnerabilities could allow remote execution of arbitrary code and other vulnerabilities. Revision 2 of this advisory.

tags | advisory, java, remote, arbitrary, vulnerability
systems | hpux
advisories | CVE-2012-0547, CVE-2012-1682, CVE-2012-3136, CVE-2012-4681
MD5 | 20fbcfe1d50b10403ce19877ac2b3067
HP Security Bulletin HPSBUX02824 SSRT100970
Posted Oct 25, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02824 SSRT100970 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote execution of arbitrary code and other vulnerabilities. Revision 1 of this advisory.

tags | advisory, java, remote, arbitrary, vulnerability
systems | hpux
advisories | CVE-2012-0574, CVE-2012-1682, CVE-2012-3136, CVE-2012-4681
MD5 | 0e0b68ee1d9b6166cfb25ed24d0697f5
Mandriva Linux Security Advisory 2012-150-1
Posted Oct 6, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-150 - Multiple security issues were identified and fixed in OpenJDK (icedtea6). Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited. The updated packages provides icedtea6-1.11.4 which is not vulnerable to these issues.

tags | advisory, java, remote, vulnerability
systems | linux, mandriva
advisories | CVE-2012-0547, CVE-2012-1682
MD5 | 01498a7ea9f2a79ee3ac76ce9b470fa4
Red Hat Security Advisory 2012-1289-01
Posted Sep 19, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1289-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2012-0547, CVE-2012-0551, CVE-2012-1682, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1719, CVE-2012-1721, CVE-2012-1722, CVE-2012-1725, CVE-2012-1726, CVE-2012-3136, CVE-2012-4681
MD5 | a1e033c9ab69dd373c671fb10ac72e17
Mandriva Linux Security Advisory 2012-150
Posted Sep 11, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-150 - Multiple security issues were identified and fixed in OpenJDK (icedtea6). Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited. Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. The updated packages provides icedtea6-1.11.4 which is not vulnerable to these issues.

tags | advisory, java, remote, vulnerability
systems | linux, mandriva
advisories | CVE-2012-0547, CVE-2012-1682
MD5 | dcd79d7d90b4dd36de32b7c6194eb1e3
Red Hat Security Advisory 2012-1225-01
Posted Sep 5, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1225-01 - The Oracle Java 7 release includes the Oracle Java 7 Runtime Environment and the Oracle Java 7 Software Development Kit. This update fixes several vulnerabilities in the Oracle Java 7 Runtime Environment and the Oracle Java 7 Software Development Kit. Red Hat is aware that a public exploit for CVE-2012-4681 is available that executes code without user interaction when a user visits a malicious web page using a browser with the Oracle Java 7 web browser plug-in enabled.

tags | advisory, java, web, vulnerability
systems | linux, redhat
advisories | CVE-2012-0547, CVE-2012-1682, CVE-2012-3136, CVE-2012-4681
MD5 | 5368c7b272b86f8e6e7f9502112944c4
Ubuntu Security Notice USN-1553-1
Posted Sep 4, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1553-1 - It was discovered that the Beans component in OpenJDK 6 did not properly prevent access to restricted classes. A remote attacker could use this to create an untrusted Java applet or application that would bypass Java sandbox restrictions. It was discovered that functionality in the AWT component in OpenJDK 6 made it easier for a remote attacker, in conjunction with other vulnerabilities, to bypass Java sandbox restrictions. Various other issues were also addressed.

tags | advisory, java, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-1682, CVE-2012-0547, CVE-2012-0547, CVE-2012-1682
MD5 | 0ef071c317b14ae003f43d471bceedf1
Red Hat Security Advisory 2012-1223-01
Posted Sep 4, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1223-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple improper permission check issues were discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. A hardening fix was applied to the AWT component in OpenJDK, removing functionality from the restricted SunToolkit class that was used in combination with other flaws to bypass Java sandbox restrictions.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2012-0547, CVE-2012-1682, CVE-2012-3136, CVE-2012-4681
MD5 | 530fe7660eb11e80819fb9a4b4c66d9f
Red Hat Security Advisory 2012-1221-01
Posted Sep 4, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1221-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. It was discovered that the Beans component in OpenJDK did not perform permission checks properly. An untrusted Java application or applet could use this flaw to use classes from restricted packages, allowing it to bypass Java sandbox restrictions. A hardening fix was applied to the AWT component in OpenJDK, removing functionality from the restricted SunToolkit class that was used in combination with other flaws to bypass Java sandbox restrictions.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2012-0547, CVE-2012-1682
MD5 | 71075af8f27a729bae53f26504174183
Red Hat Security Advisory 2012-1222-01
Posted Sep 4, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1222-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. It was discovered that the Beans component in OpenJDK did not perform permission checks properly. An untrusted Java application or applet could use this flaw to use classes from restricted packages, allowing it to bypass Java sandbox restrictions. A hardening fix was applied to the AWT component in OpenJDK, removing functionality from the restricted SunToolkit class that was used in combination with other flaws to bypass Java sandbox restrictions.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2012-0547, CVE-2012-1682
MD5 | 6b605b91ede9f863812961143ec563a3
Page 1 of 1
Back1Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    11 Files
  • 17
    Sep 17th
    14 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close