CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
95.4%
Unspecified vulnerability in the Java Runtime Environment (JRE) component
in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect
confidentiality, integrity, and availability via unknown vectors related to
Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not
commented on claims from a downstream vendor that this issue is related to
“XMLDecoder security issue via ClassFinder.”
Author | Note |
---|---|
mdeslaur | in lucid+, NetX and the plugin moved to the icedtea-web package |
sbeattie | armel on lucid and natty need FTBFS fixed |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 8.04 | noarch | openjdk-6 | < 6b27-1.12.3-0ubuntu1~08.04.1 | UNKNOWN |
ubuntu | 10.04 | noarch | openjdk-6 | < 6b24-1.11.4-1ubuntu0.10.04.1 | UNKNOWN |
ubuntu | 11.04 | noarch | openjdk-6 | < 6b24-1.11.4-1ubuntu0.11.04.1 | UNKNOWN |
ubuntu | 11.10 | noarch | openjdk-6 | < 6b24-1.11.4-1ubuntu0.11.10.1 | UNKNOWN |
ubuntu | 12.04 | noarch | openjdk-6 | < 6b24-1.11.4-1ubuntu0.12.04.1 | UNKNOWN |
ubuntu | 11.10 | noarch | openjdk-7 | < 7u9-2.3.3-0ubuntu1~11.10.1 | UNKNOWN |