Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:24968
HistoryApr 10, 2020 - 1:10 a.m.

Privilege Escalation

2020-04-1001:10:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11

3.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:S/C:P/I:P/A:N

JSON

openjdk is vulnerable to privilege escalation. The vulnerability exists as the AtomicReferenceArray class implementation did not properly check if the array was of the expected Object[] type. A malicious Java application or applet could use this flaw to bypass Java sandbox restrictions.

Related

prion 2
ubuntucve 2
symantec 1
cve 2
attackerkb 1
nessus 20
openvas 42
suse 2
fedora 14
amazon 1
redhat 3
oraclelinux 2
centos 1
oracle 1
securityvulns 1
gentoo 1
prion
prion
Design/Logic Flaw
2012-06-07 22:55:00
Design/Logic Flaw
2012-01-18 22:55:00
ubuntucve
ubuntucve
CVE-2011-3571
2012-01-18 00:00:00
CVE-2012-0507
2012-02-24 00:00:00
symantec
symantec
Oracle Java SE Remote Java Runtime Environment Code Execution Vulnerability
2012-02-14 00:00:00
cve
cve
CVE-2011-3571
2012-01-18 22:55:00
CVE-2012-0507
2012-06-07 22:55:00
attackerkb
attackerkb
CVE-2012-0507
2012-06-07 00:00:00
nessus
nessus
openSUSE Security Update : virtualbox (openSUSE-SU-2012:1323-1)
2014-06-13 00:00:00
Fedora 16 : java-1.7.0-openjdk-1.7.0.3-2.1.fc16 (2012-1690)
2012-02-16 00:00:00
Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64 (20120221)
2012-08-01 00:00:00
openvas
openvas
RedHat Update for java-1.6.0-openjdk RHSA-2012:0322-01
2012-02-27 00:00:00
RedHat Update for java-1.6.0-openjdk RHSA-2012:0135-01
2012-07-09 00:00:00
RedHat Update for java-1.6.0-openjdk RHSA-2012:0135-01
2012-07-09 00:00:00
suse
suse
java-1_6_0-openjdk: Update to iced tea 1.11.1 b24 security release (important)
2012-02-27 21:08:27
Security update for Java 1.6.0 (important)
2012-02-27 21:08:20
fedora
fedora
[SECURITY] Fedora 17 Update: java-1.7.0-openjdk-1.7.0.3-2.1.fc17
2012-02-28 10:45:39
[SECURITY] Fedora 16 Update: java-1.6.0-openjdk-1.6.0.0-68.1.11.4.fc16
2012-09-19 03:03:35
[SECURITY] Fedora 16 Update: java-1.7.0-openjdk-1.7.0.3-2.1.fc16
2012-02-15 23:55:01
amazon
amazon
Critical: java-1.6.0-openjdk
2012-02-15 17:12:00
redhat
redhat
(RHSA-2012:0135) Critical: java-1.6.0-openjdk security update
2012-02-14 00:00:00
(RHSA-2012:0322) Important: java-1.6.0-openjdk security update
2012-02-21 00:00:00
(RHSA-2012:0139) Critical: java-1.6.0-sun security update
2012-02-16 00:00:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2012-02-28 00:00:00
java-1.6.0-openjdk security update
2012-02-15 00:00:00
centos
centos
java security update
2012-02-15 10:26:37
oracle
oracle
Oracle Critical Patch Update - January 2012
2012-01-17 00:00:00
securityvulns
securityvulns
Oracle / Sun / People Soft / MySQL applications multiple security vulnerabilities
2012-03-10 00:00:00
gentoo
gentoo
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00

3.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:S/C:P/I:P/A:N

JSON
Related for VERACODE:24968
prion2ubuntucve2symantec1cve2attackerkb1nessus20openvas42suse2fedora14amazon1redhat3oraclelinux2centos1oracle1securityvulns1gentoo1