CVE-2012-1720
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
26.5%
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier, when running on Solaris, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Networking.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| oracle | jdk | * | cpe:2.3:a:oracle:jdk:*:update4:*:*:*:*:*:* |
| oracle | jre | * | cpe:2.3:a:oracle:jre:*:update4:*:*:*:*:*:* |
| oracle | jdk | * | cpe:2.3:a:oracle:jdk:*:update32:*:*:*:*:*:* |
| oracle | jre | * | cpe:2.3:a:oracle:jre:*:update32:*:*:*:*:*:* |
| sun | jdk | * | cpe:2.3:a:sun:jdk:*:update35:*:*:*:*:*:* |
| sun | jre | * | cpe:2.3:a:sun:jre:*:update35:*:*:*:*:*:* |
| sun | jdk | * | cpe:2.3:a:sun:jdk:*:*:*:*:*:*:*:* |
| sun | jre | * | cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:* |
References
marc.info/?l=bugtraq&m=134496371727681&w=2
secunia.com/advisories/51080
www.ibm.com/support/docview.wss?uid=swg21615246
www.mandriva.com/security/advisories?name=MDVSA-2013:150
www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html
www.securityfocus.com/bid/53956
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16581
Related
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
26.5%