Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM5F88C2F077BAE6C14B265D60A735B19AC50E8C1401A58DB3FCBBE5B67A702B40
HistoryDec 22, 2020 - 5:41 p.m.

Security Bulletin: Multiple Vulnerabilities in Rational Synergy

2020-12-2217:41:28
www.ibm.com
21

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

Summary

Vulnerabilities in the Java Runtime Environment (JRE) 6 SR10 and earlier component shipped with Rational Synergy may affect the security of the product.

Vulnerability Details

| Subscribe to My Notifications to be notified of important product support alerts like this.

  • Follow this link for more information (requires login with your IBM ID)
    —|—

CVE ID:CVE-2012-0551

Description: Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 32 and earlier, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Container or Deployment.

CVSS Base Score**:** 4.3 CVSS Temporal Score**:** See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/75010&gt;_ for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:N)

CVE ID:CVE-2012-1717

Description: Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 32 and earlier, allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux.

CVSS Base Score**:** 2.1 CVSS Temporal Score**:** See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/76251&gt;_ for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:N/A:N)

CVE ID:CVE-2012-1716

Description: Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing.

CVSS Base Score**:** 10.0 CVSS Temporal Score**:** See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/76244&gt;_ for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVE ID:CVE-2012-1713

Description: Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

CVSS Base Score: 10.0 **CVSS Temporal Score: **See <https://exchange.xforce.ibmcloud.com/vulnerabilities/76239&gt; for the current score *CVSS Environmental Score:**Undefined **CVSS Vector: **(AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVE ID:CVE-2012-1718

Description: Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 32 and earlier, allows remote attackers to affect availability via unknown vectors related to Security.

CVSS Base Score: 5.0 **CVSS Temporal Score:**See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/76249&gt;_ for the current score *CVSS Environmental Score: **Undefined CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVE ID:CVE-2012-1719

Description: Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 32 and earlier, allows remote attackers to affect integrity, related to CORBA.

CVSS Base Score: 5.0 **CVSS Temporal Score: **See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/76247&gt;_ for the current score *CVSS Environmental Score:**Undefined **CVSS Vector: **(AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVE ID:CVE-2012-1722

**Description:**Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1721.

CVSS Base Score: 10.0 **CVSS Temporal Score:**See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/76241&gt;_ for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVE ID:CVE-2012-1721

**Description:**Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-1722.

CVSS Base Score**:** 10.0 CVSS Temporal Score**:See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/76240&gt;_ for the current score
CVSS Environmental Score*:** Undefined CVSS ****Vector:(AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVE ID:CVE-2012-1725

Description: Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 32 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

CVSS Base Score: 10.0 **CVSS Temporal Score:**See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/76243&gt;_ for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVE ID:CVE-2012-1531

Description: Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

**CVSS Base Score:**10.0
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/79294&gt;_ for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVE ID:CVE-2012-1532

Description: Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

CVSS Base Score**:** 10.0 CVSS Temporal Score**:** See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/26069&gt;_ for the current score CVSS Environmental Score***:** Undefined **CVSS **Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVE ID:CVE-2012-1533

Description: Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

CVSS Base Score**:** 10.0 CVSS Temporal Score**:** See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/26069&gt;_ for the current score CVSS Environmental Score***:**Undefined
CVSS****Vector:(AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVE ID:CVE-2012-3143

Description: Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability, related to JMX.

CVSS Base Score**:** 10.0 CVSS Temporal Score**:** Unknown CVSS Environmental Score***:** Undefined CVSS ****Vector:(AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVE ID:CVE-2012-3159

**Description:**Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

CVSS Base Score: 7.5 CVSS Temporal Score**:** Unknown CVSS Environmental Score***:** Undefined **CVSS **Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE ID:CVE-2012-3216

Description: Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 35 and earlier, allows remote attackers to affect confidentiality via unknown vectors related to Libraries.

CVSS Base Score: 2.6 **CVSS Temporal Score:**Unknown *CVSS Environmental Score:**Undefined CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:N/A:N)

CVE ID:CVE-2012-4416

Description: Unspecified vulnerability in the Java Runtime Environment (JRE) 6 updates 35 and earlier, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Hotspot.

CVSS Base Score: 6.4 **CVSS Temporal Score:**See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/78432&gt;_ for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:N)

CVE ID:**CVE-2012-**5068

**Description:**Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

CVSS Base Score**:** 7.5 CVSS Temporal Score**:** See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/79293&gt;_ for the current score CVSS Environmental Score***:** Undefined **CVSS **Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVE ID:**CVE-2012-**5069

Description: Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 35 and earlier, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Concurrency.

CVSS Base Score: 5.8 CVSS Temporal Score**:** Unknown CVSS Environmental Score***:** Undefined **CVSS **Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:N)

CVE ID:**CVE-2012-**5071

Description: Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 35 and earlier, allows remote attackers to affect confidentiality and integrity, related to JMX.

CVSS Base Score:6.4
CVSS Temporal Score:Unknown
CVSS Environmental Score:* Undefined CVSS ****Vector:(AV:N/AC:L/Au:N/C:P/I:P/A:N)

CVE ID:**CVE-2012-**5072

Description: Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 35 and earlier, allows remote attackers to affect confidentiality via unknown vectors related to Security.

CVSS Base Score:5.0
CVSS Temporal Score: Unknown CVSS Environmental Score***:** Undefined CVSS Vector**:**(AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVE ID:**CVE-2012-**5073

Description: Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 35 and earlier, allows remote attackers to affect integrity via unknown vectors related to Libraries.

CVSS Base Score: 5.0 CVSS Temporal Score**:** Unknown CVSS Environmental Score***:** Undefined CVSS Vector**:** (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVE ID:**CVE-2012-**5075

Description: Unspecified vulnerability in the Java Runtime Environment (JRE) 6 update 35 and earlier, allows remote attackers to affect confidentiality, related to JMX.

CVSS Base Score: 5.0 CVSS Temporal Score**:Unknown
CVSS Environmental Score*:** Undefined CVSS Vector**:**(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Affected Products and Versions

All Rational Synergy supported platforms

Remediation/Fixes

Rational Synergy 7.1.0.x should upgrade to Rational Synergy version 7.1.0.7 (Rational Synergy 7.1.0.7) or later.

Workarounds and Mitigations

None

Related

veracode 30
redhat 15
nessus 64
openvas 55
suse 12
ibm 3
threatpost 1
osv 1
amazon 3
oraclelinux 5
ubuntu 3
fedora 1
debian 1
centos 5
veracode
veracode
Information Disclosure
2019-05-02 04:43:06
Information Disclosure
2019-05-02 04:43:06
Memory Corruption
2019-05-02 04:43:05
redhat
redhat
(RHSA-2012:1238) Critical: java-1.6.0-ibm security update
2012-09-06 00:00:00
(RHSA-2012:1245) Critical: java-1.5.0-ibm security update
2012-09-07 00:00:00
(RHSA-2012:0734) Critical: java-1.6.0-sun security update
2012-06-13 00:00:00
nessus
nessus
SuSE 10 Security Update : IBM Java (ZYPP Patch Number 8284)
2012-09-29 00:00:00
SuSE 11.2 Security Update : IBM Java (SAT Patch Number 6793)
2013-01-25 00:00:00
RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2012:1238)
2012-09-07 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2012:1265-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:1204-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2012:1588-1)
2021-06-09 00:00:00
suse
suse
Security update for IBM Java (important)
2012-09-28 15:08:47
Security update for IBM Java (important)
2012-09-18 15:08:38
Security update for IBM Java 1.6.0 (important)
2012-11-28 21:08:41
ibm
ibm
Potential security vulnerabilities with JavaTM SDKs
2018-06-17 14:07:58
Security bulletin: Potential security vulnerabilities in IBM DataQuant with JRE 6
2022-09-25 23:13:40
Security Bulletin: IBM Tivoli Monitoring clients affected by vulnerabilities in IBM JRE excuted under a security manager.
2022-09-25 23:13:40
threatpost
threatpost
Apple Patches Java Flaws
2012-10-18 13:44:08
osv
osv
openjdk-6 - several
2012-07-04 00:00:00
amazon
amazon
Important: java-1.6.0-openjdk
2012-06-19 15:58:00
Important: java-1.7.0-openjdk
2012-10-23 10:38:00
Important: java-1.6.0-openjdk
2012-10-23 10:38:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2012-06-13 00:00:00
java-1.6.0-openjdk security update
2012-06-13 00:00:00
java-1.6.0-openjdk security update
2012-10-17 00:00:00
ubuntu
ubuntu
OpenJDK 6 vulnerabilities
2012-07-13 00:00:00
IcedTea-Web regression
2012-08-30 00:00:00
OpenJDK vulnerabilities
2012-10-26 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: java-1.7.0-openjdk-1.7.0.3-2.2.1.fc17.8
2012-06-17 22:22:06
debian
debian
[SECURITY] [DSA 2507-1] openjdk-6 security update
2012-07-04 15:05:53
centos
centos
java security update
2012-06-13 18:29:41
java security update
2012-06-13 17:29:00
java security update
2012-10-17 21:15:32

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for 5F88C2F077BAE6C14B265D60A735B19AC50E8C1401A58DB3FCBBE5B67A702B40
veracode30redhat15nessus64openvas55suse12ibm3threatpost1osv1amazon3oraclelinux5ubuntu3fedora1debian1centos5