Lucene search

K

[email protected]NVD:CVE-2012-4301

HistoryFeb 02, 2013 - 12:55 a.m.

CVE-2012-4301

2013-02-0200:55:01

[email protected]

web.nvd.nist.gov

6

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

Low

EPSS

0.121

Percentile

95.4%

Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from a third party that this issue allows remote attackers to execute arbitrary code via an “invalid type case” in the init method of the D3DShader class in the com.sun.prism.d3d package. CPU.

Affected configurations

Nvd

Node

oraclejavafxRange≤2.2.4

OR

oraclejavafxMatch2.0

OR

oraclejavafxMatch2.0.2

OR

oraclejavafxMatch2.0.3

OR

oraclejavafxMatch2.1

OR

oraclejavafxMatch2.2

OR

oraclejavafxMatch2.2.3

References

marc.info/?l=bugtraq&m=136733161405818&w=2

www.kb.cert.org/vuls/id/858729

www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html

www.us-cert.gov/cas/techalerts/TA13-032A.html

www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1027

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16180

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.9

Confidence

Low

EPSS

0.121

Percentile

95.4%

Related for NVD:CVE-2012-4301

ubuntucve1 cvelist1 cve1 prion1 nessus2 cert1 securityvulns1 ibm1