5.4 Medium
AI Score
Confidence
Low
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.867 High
EPSS
Percentile
98.6%
Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE 7 update 4 and earlier and 6 update 32 and earlier, and the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Container or Deployment.
lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html
lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html
marc.info/?l=bugtraq&m=134496371727681&w=2
rhn.redhat.com/errata/RHSA-2012-0734.html
rhn.redhat.com/errata/RHSA-2013-1455.html
rhn.redhat.com/errata/RHSA-2013-1456.html
www.mandriva.com/security/advisories?name=MDVSA-2013:150
www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html
www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html
www.securityfocus.com/bid/53136
www.securitytracker.com/id?1026941
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16707