CVE-2012-3174

Published: 14/01/2013 Updated: 21/02/2014
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Unspecified vulnerability in Oracle Java 7 before Update 11 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-0422. NOTE: some parties have mapped CVE-2012-3174 to an issue involving recursive use of the Reflection API, but that issue is already covered as part of CVE-2013-0422. This identifier is for a different vulnerability whose details are not public as of 20130114.

Vulnerable Product

oracle jre 1.7.0

oracle jdk 1.7.0

Vendor Advisories

OpenJDK 7 could be made to crash or run programs as your login if it opened a specially crafted Java applet ...
Synopsis Critical: java-170-oracle security update Type/Severity Security Advisory: Critical Topic Updated java-170-oracle packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical ...
Synopsis Important: java-170-openjdk security update Type/Severity Security Advisory: Important Topic Updated java-170-openjdk packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security ...
Synopsis Critical: java-170-ibm security update Type/Severity Security Advisory: Critical Topic Updated java-170-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical se ...
Two improper permission check issues were discovered in the reflection API in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions ...

Recent Articles

VXers exploit users' confusion over Java to punt fake update
The Register • John Leyden • 18 Jan 2013

Cheers, dears, I'll just pop through that backdoor...

Cybercrooks have begun distributing an item of malware that poses as a Java security update. Oracle released a new version of Java 7 (Java 7u11) on Sunday (13 January) to address a zero-day vulnerability that has been exploited in the wild. The update was important because the underlying exploit had been "weaponised" and bundled in widely available black market exploit kits in the week prior to Oracle's security update. The security flap generated plenty of attention, especially after US CERT wa...