CVE-2012-1682

2012-09-0300:00:00

ubuntu.com

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.121

Percentile

95.4%

JSON

Unspecified vulnerability in the Java Runtime Environment (JRE) component
in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect
confidentiality, integrity, and availability via unknown vectors related to
Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not
commented on claims from a downstream vendor that this issue is related to
“XMLDecoder security issue via ClassFinder.”

Notes

Author	Note
mdeslaur	in lucid+, NetX and the plugin moved to the icedtea-web package
sbeattie	armel on lucid and natty need FTBFS fixed

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchopenjdk-6< 6b27-1.12.3-0ubuntu1~08.04.1UNKNOWN
ubuntu10.04noarchopenjdk-6< 6b24-1.11.4-1ubuntu0.10.04.1UNKNOWN
ubuntu11.04noarchopenjdk-6< 6b24-1.11.4-1ubuntu0.11.04.1UNKNOWN
ubuntu11.10noarchopenjdk-6< 6b24-1.11.4-1ubuntu0.11.10.1UNKNOWN
ubuntu12.04noarchopenjdk-6< 6b24-1.11.4-1ubuntu0.12.04.1UNKNOWN
ubuntu11.10noarchopenjdk-7< 7u9-2.3.3-0ubuntu1~11.10.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	8.04	noarch	openjdk-6	< 6b27-1.12.3-0ubuntu1~08.04.1	UNKNOWN
ubuntu	10.04	noarch	openjdk-6	< 6b24-1.11.4-1ubuntu0.10.04.1	UNKNOWN
ubuntu	11.04	noarch	openjdk-6	< 6b24-1.11.4-1ubuntu0.11.04.1	UNKNOWN
ubuntu	11.10	noarch	openjdk-6	< 6b24-1.11.4-1ubuntu0.11.10.1	UNKNOWN
ubuntu	12.04	noarch	openjdk-6	< 6b24-1.11.4-1ubuntu0.12.04.1	UNKNOWN
ubuntu	11.10	noarch	openjdk-7	< 7u9-2.3.3-0ubuntu1~11.10.1	UNKNOWN