{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-10-16T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-18T12:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"name": "56070", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/56070"}, {"name": "SUSE-SU-2012:1398", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"}, {"name": "RHSA-2012:1391", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1391.html"}, {"name": "51390", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/51390"}, {"name": "RHSA-2012:1467", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"}, {"name": "oval:org.mitre.oval:def:16055", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16055"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html"}, {"name": "51326", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/51326"}, {"name": "javaruntimeenvironment-deployment-info-disc(79429)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79429"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2012-5067", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "56070", "refsource": "BID", "url": "http://www.securityfocus.com/bid/56070"}, {"name": "SUSE-SU-2012:1398", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"}, {"name": "RHSA-2012:1391", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2012-1391.html"}, {"name": "51390", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51390"}, {"name": "RHSA-2012:1467", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"}, {"name": "oval:org.mitre.oval:def:16055", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16055"}, {"name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html"}, {"name": "51326", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51326"}, {"name": "javaruntimeenvironment-deployment-info-disc(79429)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79429"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T20:58:01.480Z"}, "title": "CVE Program Container", "references": [{"name": "56070", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/56070"}, {"name": "SUSE-SU-2012:1398", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"}, {"name": "RHSA-2012:1391", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1391.html"}, {"name": "51390", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/51390"}, {"name": "RHSA-2012:1467", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"}, {"name": "oval:org.mitre.oval:def:16055", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16055"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html"}, {"name": "51326", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/51326"}, {"name": "javaruntimeenvironment-deployment-info-disc(79429)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79429"}]}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2012-5067", "datePublished": "2012-10-16T21:29:00", "dateReserved": "2012-09-22T00:00:00", "dateUpdated": "2024-08-06T20:58:01.480Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:jdk:*:update7:*:*:*:*:*:*", "matchCriteriaId": "ADD9674C-3207-4D8D-A9C3-2EA53E33532B", "versionEndIncluding": "1.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E44FC8AF-F76F-4A8E-8D03-4F8BCA8CB031", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*", "matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*", "matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*", "matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*", "matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*", "matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*", "matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:*:update7:*:*:*:*:*:*", "matchCriteriaId": "9DC59C00-DFD8-404D-82C6-751C470D7B66", "versionEndIncluding": "1.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "5C27372B-A091-46D5-AE39-A44BBB1D9EE2", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*", "matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*", "matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*", "matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*", "matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*", "matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*", "matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment."}, {"lang": "es", "value": "Una vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v7 Update 7 y versiones anteriores, permite a atacantes remotos afectar la confidencialidad a trav\u00e9s de vectores desconocidos relacionados con el \"Deployment\".\r\n"}], "evaluatorImpact": "Per: http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html\r\n\r\n\"Applies to client deployment of Java only. This vulnerability can be exploited only through untrusted Java Web Start applications and untrusted Java applets. (Untrusted Java Web Start applications and untrusted applets run in the Java sandbox with limited privileges.)\"", "id": "CVE-2012-5067", "lastModified": "2017-09-19T01:35:24.497", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-10-16T21:55:01.620", "references": [{"source": "secalert_us@oracle.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"}, {"source": "secalert_us@oracle.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-1391.html"}, {"source": "secalert_us@oracle.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"}, {"source": "secalert_us@oracle.com", "url": "http://secunia.com/advisories/51326"}, {"source": "secalert_us@oracle.com", "url": "http://secunia.com/advisories/51390"}, {"source": "secalert_us@oracle.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html"}, {"source": "secalert_us@oracle.com", "url": "http://www.securityfocus.com/bid/56070"}, {"source": "secalert_us@oracle.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79429"}, {"source": "secalert_us@oracle.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16055"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2012:1391", "cpe": "cpe:/a:redhat:rhel_extras:6", "package": "java-1.7.0-oracle-1:1.7.0.9-1jpp.3.el6_3", "product_name": "Supplementary for Red Hat Enterprise Linux 6", "release_date": "2012-10-18T00:00:00Z"}, {"advisory": "RHSA-2012:1467", "cpe": "cpe:/a:redhat:rhel_extras:6", "package": "java-1.7.0-ibm-1:1.7.0.3.0-1jpp.2.el6_3", "product_name": "Supplementary for Red Hat Enterprise Linux 6", "release_date": "2012-11-15T00:00:00Z"}], "bugzilla": {"description": "JDK: unspecified vulnerability (Deployment)", "id": "867192", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=867192"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "status": "verified"}, "details": ["Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment."], "name": "CVE-2012-5067", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Affected", "package_name": "java-1.6.0-sun", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Affected", "package_name": "java-1.7.0-ibm", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Affected", "package_name": "java-1.7.0-oracle", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Affected", "package_name": "java-1.6.0-sun", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2012-10-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2012-5067\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-5067\nhttp://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html"], "threat_severity": "Moderate"}