CVE-2012-5083 – JDK: unspecified vulnerability (2D)
https://notcve.org/view.php?id=CVE-2012-5083
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, 1.4.2_38 and earlier, and JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. Una vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v7 Update 7 y versiones anteriores, v6 Update 35 y anteriores, v5.0 Update 36 y anteriores, v1.4.2_38 y anteriores, y JavaFX v2.2 y anteriores, permite a atacantes remotos afectar la confidencialidad , la integridad y la disponibilidad a través de vectores desconocidos relacionados con el 2D. • http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00011.html http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html http://marc.info/?l=bugtraq&m=135542848327757&w=2 http://marc.info/?l=bugtraq&m=135758563611658&w=2 http://rhn.redhat.com/errata/RHSA-2012-1391.html http://rhn.redhat.com/errata/RHSA-201 •
CVE-2012-1713 – Oracle Java WebStart Browser Argument Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-1713
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.2_37 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. Vulnerabilidad no especificada en el Java Runtime Environment (JRE), componente de Oracle Java SE 7 Update 4 y anteriores, 6 Update 32 y anteriores, 5 actualización 35 y anteriores, v1.4.2_37 y anteriores, y JavaFX 2.1 y versiones anteriores permite a atacantes remotos afectar a la confidencialidad , la integridad y la disponibilidad a través de vectores desconocidos relacionados con el 2D. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the BasicService.showDocument Java Webstart function. This function allows additional parameters to be passed to the browser. • http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html http://marc.info/?l=bugtraq&m=134496371727681&w=2 http://rhn.redhat.com/errata/RHSA-2012-0734.html http://rhn.red •
CVE-2012-0500 – Sun Java Web Start Plugin - Command Line Argument Injection (2012)
https://notcve.org/view.php?id=CVE-2012-0500
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and JavaFX 2.0.2 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. Vulnerabilidad no especificada en el Java Runtime Environment (JRE), componente de Oracle Java SE 7 y versiones anteriores de actualizaciones 2, 6 Update 30 y anteriores, y JavaFX 2.0.2 y anteriores permite a distancia aplicaciones Java Web Start y applets de Java que no son de confianza afectar a la confidencialidad, la integridad , y la disponibilidad a través de vectores desconocidos relacionados con la implementación. • https://www.exploit-db.com/exploits/18520 http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html http://marc.info/?l=bugtraq&m=133364885411663&w=2 http://marc.info/?l=bugtraq&m=133847939902305&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://rhn.redhat.com/errata/RHSA-2012-0514.html http://rhn.redhat.com/errata/RHSA-2013-1455.html http://secunia.com/advisories/48073 http:// •
CVE-2012-0499 – JDK: unspecified vulnerability fixed in 6u31 and 7u3 (2D)
https://notcve.org/view.php?id=CVE-2012-0499
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier; and JavaFX 2.0.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. Vulnerabilidad no especificada en el Java Runtime Environment (JRE), componente de Oracle Java SE 7 y versiones anteriores de actualizaciones 2, 6 Update 30 y anteriores, 5.0 Update 33 y anteriores, y 1.4.2_35 y anteriores, y JavaFX 2.0.2 y versiones anteriores, permite a distancia los atacantes afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con el 2D. • http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00015.html http://marc.info/?l=bugtraq&m=133364885411663&w=2 http://marc.info/?l=bugtraq&m=133365109612558&w=2 http://marc.info •
CVE-2011-3546 – JDK: unspecified vulnerability fixed in 6u29 (Deployment)
https://notcve.org/view.php?id=CVE-2011-3546
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JavaFX 2.0 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and integrity via unknown vectors related to Deployment. Vulnerabilidad no especificada en el componente Java Runtime Environment en Oracle Java SE JDK y JRE v7, v6 actadualización 27 y anteriores, y JavaFX v2.0 que permite a aplicaciones Java Web Start no confiables y Java Applets no confiables afectar a la confidencialidad e integridad a través de vectores desconocidos relacionado con el despliegue de una aplicación Java. • http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html http://marc.info/?l=bugtraq&m=132750579901589&w=2 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://osvdb.org/76509 http://rhn.redhat.com/errata/RHSA-2013-1455.html http://secunia.com/advisories/48308 http://www.ibm.com/developerworks/java/jdk/alerts http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html http://ww •