OpenJDK: insecure temporary file permissions (JRE, 7143606)

🗓️ 20 Jun 2012 11:38:00Reported by RedHatType

Insecure temporary file permissions in the Java Runtime Environment allow local disclosure via printing on Solaris or Linux across multiple Java Standard Editions.

Reporter	Title	Published	Views	Family All 181
IBM Security Bulletins	Security bulletin: Potential security vulnerabilities in IBM DataQuant with JRE 6	25 Sep 202223:13	–	ibm
IBM Security Bulletins	Security Bulletin: Tivoli Storage Productivity Center - Oracle CPU February 2012, June 2012	19 Aug 202218:23	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in Rational Synergy	22 Dec 202017:41	–	ibm
IBM Security Bulletins	Potential security vulnerabilities with JavaTM SDKs	17 Jun 201814:07	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in InfoSphere BigInsights due to vulnerabilities in IBM Java JDK Version 6 (CVE-2012-1717, CVE-2012-1718)	25 Sep 202220:45	–	ibm
IBM Security Bulletins	Security Bulletin: Potential security exposure when using InfoSphere BigInsights due to vulnerability in Java JDK Version 6	26 Sep 202205:45	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in IBM InfoSphere Information Server due to issues in IBM Java SDK (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169, CVE-2012-1717, CVE-2012-1718, CVE-2012-5081)	26 Sep 202205:45	–	ibm
Amazon	Important: java-1.6.0-openjdk	19 Jun 201200:00	–	amazon
Tenable Nessus	Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2012-88)	4 Sep 201300:00	–	nessus
Tenable Nessus	CentOS 6 : java-1.6.0-openjdk (CESA-2012:0729)	14 Jun 201200:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	6	x86_64	java-1.7.0-openjdk	1:1.7.0.5-2.2.1.el6_3	java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.x86_64.rpm
Red Hat Enterprise Linux	6	any	java-1.7.0-openjdk	1:1.7.0.5-2.2.1.el6_3.i686	java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.i686.noarch.rpm
Red Hat Enterprise Linux	6	x86_64	java-1.7.0-openjdk-debuginfo	1:1.7.0.5-2.2.1.el6_3	java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.x86_64.rpm
Red Hat Enterprise Linux	6	any	java-1.7.0-openjdk-debuginfo	1:1.7.0.5-2.2.1.el6_3.i686	java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.i686.noarch.rpm
Red Hat Enterprise Linux	6	x86_64	java-1.7.0-openjdk-demo	1:1.7.0.5-2.2.1.el6_3	java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.x86_64.rpm
Red Hat Enterprise Linux	6	any	java-1.7.0-openjdk-demo	1:1.7.0.5-2.2.1.el6_3.i686	java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.i686.noarch.rpm
Red Hat Enterprise Linux	6	x86_64	java-1.7.0-openjdk-devel	1:1.7.0.5-2.2.1.el6_3	java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.x86_64.rpm
Red Hat Enterprise Linux	6	any	java-1.7.0-openjdk-devel	1:1.7.0.5-2.2.1.el6_3.i686	java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.i686.noarch.rpm
Red Hat Enterprise Linux	6	any	java-1.7.0-openjdk-javadoc	1:1.7.0.5-2.2.1.el6_3.noarch	java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.noarch.noarch.rpm
Red Hat Enterprise Linux	6	x86_64	java-1.7.0-openjdk-src	1:1.7.0.5-2.2.1.el6_3	java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.x86_64.rpm

Source	Link
access	www.access.redhat.com/security/cve/CVE-2012-1717
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
nvd	www.nvd.nist.gov/vuln/detail/CVE-2012-1717
cve	www.cve.org/CVERecord

28 Jun 2026 12:12Current

7.3High risk

Vulners AI Score7.3

CVSS 22.1

EPSS0.00476

CWE-732