CVE-2012-1720 - OpenCVE

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier, when running on Solaris, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Networking.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity High

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:H/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Oracle	Jdk Jre
Sun	Jdk Jre

Configuration 1 [-]

OR	cpe:2.3:a:oracle:jdk::update4::::::*
	cpe:2.3:a:oracle:jre::update4::::::*

Configuration 2 [-]

OR	cpe:2.3:a:oracle:jdk::update32::::::*
	cpe:2.3:a:oracle:jre::update32::::::*

Configuration 3 [-]

OR	cpe:2.3:a:sun:jdk::update35::::::*
	cpe:2.3:a:sun:jre::update35::::::*

Configuration 4 [-]

OR	cpe:2.3:a:sun:jdk::::::::
	cpe:2.3:a:sun:jre::::::::

No data.

References

Link	Providers
http://marc.info/?l=bugtraq&m=134496371727681&w=2
http://secunia.com/advisories/51080
http://www.ibm.com/support/docview.wss?uid=swg21615246
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html
http://www.securityfocus.com/bid/53956
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16581

History

No history.

MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2012-06-16T21:00:00

Updated: 2024-08-06T19:08:38.143Z

Reserved: 2012-03-16T00:00:00

Link: CVE-2012-1720

Vulnrichment

No data.

NVD

Status : Modified

Published: 2012-06-16T21:55:03.373

Modified: 2022-05-13T14:52:53.353

Link: CVE-2012-1720

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-06-12T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier, when running on Solaris, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Networking."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-18T12:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html"}, {"name": "SSRT100919", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=134496371727681&w=2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"}, {"name": "53956", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/53956"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21615246"}, {"name": "MDVSA-2013:150", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"}, {"name": "51080", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/51080"}, {"name": "HPSBUX02805", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=134496371727681&w=2"}, {"name": "oval:org.mitre.oval:def:16581", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16581"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2012-1720", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier, when running on Solaris, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Networking."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html"}, {"name": "SSRT100919", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=134496371727681&w=2"}, {"name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"}, {"name": "53956", "refsource": "BID", "url": "http://www.securityfocus.com/bid/53956"}, {"name": "http://www.ibm.com/support/docview.wss?uid=swg21615246", "refsource": "CONFIRM", "url": "http://www.ibm.com/support/docview.wss?uid=swg21615246"}, {"name": "MDVSA-2013:150", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"}, {"name": "51080", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51080"}, {"name": "HPSBUX02805", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=134496371727681&w=2"}, {"name": "oval:org.mitre.oval:def:16581", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16581"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:08:38.143Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html"}, {"name": "SSRT100919", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=134496371727681&w=2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"}, {"name": "53956", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/53956"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21615246"}, {"name": "MDVSA-2013:150", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"}, {"name": "51080", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/51080"}, {"name": "HPSBUX02805", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=134496371727681&w=2"}, {"name": "oval:org.mitre.oval:def:16581", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16581"}]}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2012-1720", "datePublished": "2012-06-16T21:00:00", "dateReserved": "2012-03-16T00:00:00", "dateUpdated": "2024-08-06T19:08:38.143Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:jdk:*:update4:*:*:*:*:*:*", "matchCriteriaId": "2D3162C7-575B-4AD4-B923-C97F5706349B", "versionEndIncluding": "1.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:*:update4:*:*:*:*:*:*", "matchCriteriaId": "404F6D28-CCE9-4767-8734-544274B4D086", "versionEndIncluding": "1.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:jdk:*:update32:*:*:*:*:*:*", "matchCriteriaId": "574A7ACD-243A-4136-AB02-B89EA97C884F", "versionEndIncluding": "1.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:*:update32:*:*:*:*:*:*", "matchCriteriaId": "179867A2-8221-4B8C-A04C-35FBA8EB07D5", "versionEndIncluding": "1.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sun:jdk:*:update35:*:*:*:*:*:*", "matchCriteriaId": "222B2736-EBC3-400D-80BB-70464203A8BF", "versionEndIncluding": "1.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:*:update35:*:*:*:*:*:*", "matchCriteriaId": "677FED6F-DDA1-45F7-900E-B98FECE04F7A", "versionEndIncluding": "1.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sun:jdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "4DD9946E-3467-4D83-BB5B-E31AF6958EB5", "versionEndIncluding": "1.4.2_37", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:jre:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A452D1C-3C17-41D4-A930-34277A27A711", "versionEndIncluding": "1.4.2_37", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier, when running on Solaris, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Networking."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el Java Runtime Environment (JRE), componente de Oracle Java SE 7 Update 4 y anteriores, 6 Update 32 y anteriores, 5 actualizaci\u00f3n 35 y anteriores, y v1.4.2_37 y anteriores, cuando se ejecutan en Solaris, permite a los usuarios locales a afectar confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con la red."}], "id": "CVE-2012-1720", "lastModified": "2022-05-13T14:52:53.353", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.7, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 1.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-06-16T21:55:03.373", "references": [{"source": "secalert_us@oracle.com", "url": "http://marc.info/?l=bugtraq&m=134496371727681&w=2"}, {"source": "secalert_us@oracle.com", "url": "http://secunia.com/advisories/51080"}, {"source": "secalert_us@oracle.com", "url": "http://www.ibm.com/support/docview.wss?uid=swg21615246"}, {"source": "secalert_us@oracle.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"}, {"source": "secalert_us@oracle.com", "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"}, {"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html"}, {"source": "secalert_us@oracle.com", "url": "http://www.securityfocus.com/bid/53956"}, {"source": "secalert_us@oracle.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16581"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}