Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2012:1222
HistorySep 03, 2012 - 2:26 p.m.

java security update

2012-09-0314:26:49
CentOS Project
lists.centos.org
42

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.098 Low

EPSS

Percentile

94.8%

JSON

CentOS Errata and Security Advisory CESA-2012:1222

These packages provide the OpenJDK 6 Java Runtime Environment and the
OpenJDK 6 Software Development Kit.

It was discovered that the Beans component in OpenJDK did not perform
permission checks properly. An untrusted Java application or applet could
use this flaw to use classes from restricted packages, allowing it to
bypass Java sandbox restrictions. (CVE-2012-1682)

A hardening fix was applied to the AWT component in OpenJDK, removing
functionality from the restricted SunToolkit class that was used in
combination with other flaws to bypass Java sandbox restrictions.
(CVE-2012-0547)

This erratum also upgrades the OpenJDK package to IcedTea6 1.10.9. Refer to
the NEWS file, linked to in the References, for further information.

All users of java-1.6.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2012-September/081002.html

Affected packages:
java-1.6.0-openjdk
java-1.6.0-openjdk-demo
java-1.6.0-openjdk-devel
java-1.6.0-openjdk-javadoc
java-1.6.0-openjdk-src

Upstream details at:
https://access.redhat.com/errata/RHSA-2012:1222

OSVersionArchitecturePackageVersionFilename
CentOS5i386java-1.6.0-openjdk<Β 1.6.0.0-1.28.1.10.9.el5_8java-1.6.0-openjdk-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm
CentOS5i386java-1.6.0-openjdk-demo<Β 1.6.0.0-1.28.1.10.9.el5_8java-1.6.0-openjdk-demo-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm
CentOS5i386java-1.6.0-openjdk-devel<Β 1.6.0.0-1.28.1.10.9.el5_8java-1.6.0-openjdk-devel-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm
CentOS5i386java-1.6.0-openjdk-javadoc<Β 1.6.0.0-1.28.1.10.9.el5_8java-1.6.0-openjdk-javadoc-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm
CentOS5i386java-1.6.0-openjdk-src<Β 1.6.0.0-1.28.1.10.9.el5_8java-1.6.0-openjdk-src-1.6.0.0-1.28.1.10.9.el5_8.i386.rpm
CentOS5x86_64java-1.6.0-openjdk<Β 1.6.0.0-1.28.1.10.9.el5_8java-1.6.0-openjdk-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm
CentOS5x86_64java-1.6.0-openjdk-demo<Β 1.6.0.0-1.28.1.10.9.el5_8java-1.6.0-openjdk-demo-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm
CentOS5x86_64java-1.6.0-openjdk-devel<Β 1.6.0.0-1.28.1.10.9.el5_8java-1.6.0-openjdk-devel-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm
CentOS5x86_64java-1.6.0-openjdk-javadoc<Β 1.6.0.0-1.28.1.10.9.el5_8java-1.6.0-openjdk-javadoc-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm
CentOS5x86_64java-1.6.0-openjdk-src<Β 1.6.0.0-1.28.1.10.9.el5_8java-1.6.0-openjdk-src-1.6.0.0-1.28.1.10.9.el5_8.x86_64.rpm

Related

suse 4
openvas 31
redhat 9
nessus 34
amazon 1
oraclelinux 3
centos 2
ubuntu 1
ubuntucve 3
cve 3
securityvulns 2
prion 3
zdi 1
seebug 1
veracode 22
gentoo 2
suse
suse
Security update for OpenJDK (critical)
2012-09-12 06:08:36
java-1_6_0-openjdk: icedtea-web update to 1.11.4 (bnc#) (critical)
2012-09-14 14:13:53
java-1_7_0-openjdk: security fix for remote exploit (critical)
2012-09-12 19:08:39
openvas
openvas
CentOS Update for java CESA-2012:1221 centos6
2012-09-04 00:00:00
RedHat Update for java-1.6.0-openjdk RHSA-2012:1221-01
2012-09-04 00:00:00
openSUSE: Security Advisory for java-1_6_0-openjdk (openSUSE-SU-2012:1175-1)
2012-12-13 00:00:00
redhat
redhat
(RHSA-2012:1222) Important: java-1.6.0-openjdk security update
2012-09-03 00:00:00
(RHSA-2012:1221) Critical: java-1.6.0-openjdk security update
2012-09-03 00:00:00
(RHSA-2012:1223) Important: java-1.7.0-openjdk security update
2012-09-03 00:00:00
nessus
nessus
Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2012-119)
2013-09-04 00:00:00
RHEL 6 : java-1.6.0-openjdk (RHSA-2012:1221)
2012-09-04 00:00:00
CentOS 6 : java-1.6.0-openjdk (CESA-2012:1221)
2012-09-04 00:00:00
amazon
amazon
Important: java-1.6.0-openjdk
2012-09-04 10:22:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2012-09-03 00:00:00
java-1.6.0-openjdk security update
2012-09-03 00:00:00
java-1.7.0-openjdk security update
2012-09-03 00:00:00
centos
centos
java security update
2012-09-03 14:36:46
java security update
2012-09-03 14:37:23
ubuntu
ubuntu
OpenJDK 6 vulnerabilities
2012-09-03 00:00:00
ubuntucve
ubuntucve
CVE-2012-0547
2012-09-03 00:00:00
CVE-2012-3136
2012-08-30 00:00:00
CVE-2012-1682
2012-09-03 00:00:00
cve
cve
CVE-2012-0547
2012-08-30 23:55:00
CVE-2012-1682
2012-08-30 23:55:00
CVE-2012-3136
2012-08-30 23:55:00
securityvulns
securityvulns
[security bulletin] HPSBUX02825 SSRT100974 rev.1 - HP-UX Running Java, Remote Indirect Vulnerabilities
2012-10-30 00:00:00
Oracle Java / OpenJDK multiple security vulnerabilities
2012-10-30 00:00:00
prion
prion
Design/Logic Flaw
2012-08-30 23:55:00
Design/Logic Flaw
2012-08-30 23:55:00
Design/Logic Flaw
2012-08-30 23:55:00
zdi
zdi
Oracle Java java.beans.Statement Remote Code Execution Vulnerability
2012-12-21 00:00:00
seebug
seebug
Oracle Sun JRE 1.x θΏœη¨‹JRE漏洞
2012-09-04 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:41:04
Memory Corruption
2019-05-02 04:41:05
Authorization Bypass
2019-05-02 04:41:06
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2014-01-27 00:00:00
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.098 Low

EPSS

Percentile

94.8%

JSON
Related for CESA-2012:1222
suse4openvas31redhat9nessus34amazon1oraclelinux3centos2ubuntu1ubuntucve3cve3securityvulns2prion3zdi1seebug1veracode22gentoo2