Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Published: 2012-08-28
Updated: 2022-12-21
Summary
Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.
Vulnerable Configurations
Exploit-Db
description | Java 7 Applet Remote Code Execution. CVE-2012-0547,CVE-2012-3539,CVE-2012-4681. Remote exploit for java platform |
id | EDB-ID:20865 |
last seen | 2016-02-02 |
modified | 2012-08-27 |
published | 2012-08-27 |
reporter | metasploit |
source | https://www.exploit-db.com/download/20865/ |
title | Java 7 Applet Remote Code Execution |
Metasploit
description | The exploit takes advantage of two issues in JDK 7: The ClassFinder and MethodFinder.findMethod(). Both were newly introduced in JDK 7. ClassFinder is a replacement for classForName back in JDK 6. It allows untrusted code to obtain a reference and have access to a restricted package in JDK 7, which can be used to abuse sun.awt.SunToolkit (a restricted package). With sun.awt.SunToolkit, we can actually invoke getField() by abusing findMethod() in Statement.invokeInternal() (but getField() must be public, and that's not always the case in JDK 6) in order to access Statement.acc's private field, modify AccessControlContext, and then disable Security Manager. Once Security Manager is disabled, we can execute arbitrary Java code. Our exploit has been tested successfully against multiple platforms, including: IE, Firefox, Safari, Chrome; Windows, Ubuntu, OS X, Solaris, etc. |
id | MSF:EXPLOIT/MULTI/BROWSER/JAVA_JRE17_EXEC |
last seen | 2020-05-15 |
modified | 2020-02-18 |
published | 2012-08-27 |
references | |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/multi/browser/java_jre17_exec.rb |
title | Java 7 Applet Remote Code Execution |
Nessus
NASL family | Fedora Local Security Checks |
NASL id | FEDORA_2012-13131.NASL |
description | This update is fixing recent important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE. It was discovered that the Beans component in OpenJDK did not perform permission checks properly. An untrusted Java application or applet could use this flaw to use classes from restricted packages, allowing it to bypass Java sandbox restrictions. (CVE-2012-4681) http://blog.fuseyism.com/index.php/2012/08/31/security-icedtea6-1-10-9 -1-11-4-icedtea-2-3-2-released/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. |
last seen | 2020-03-17 |
modified | 2012-09-04 |
plugin id | 61760 |
published | 2012-09-04 |
reporter | This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/61760 |
title | Fedora 17 : java-1.7.0-openjdk-1.7.0.6-2.3.1.fc17.2 (2012-13131) |
NASL family | Windows |
NASL id | ORACLE_JAVA6_UPDATE35.NASL |
description | The version of Oracle (formerly Sun) Java Runtime Environment (JRE) 6.x installed on the remote host is earlier than Update 35. It, therefore, potentially contains two methods that do not properly restrict access to information about other classes. Specifically, the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 61746 |
published | 2012-08-31 |
reporter | This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/61746 |
title | Oracle Java JDK / JRE 6 < Update 35 SunToolKit getField() and getMethod() Access Issue |
NASL family | Red Hat Local Security Checks |
NASL id | REDHAT-RHSA-2012-1223.NASL |
description | Updated java-1.7.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple improper permission check issues were discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2012-4681, CVE-2012-1682, CVE-2012-3136) A hardening fix was applied to the AWT component in OpenJDK, removing functionality from the restricted SunToolkit class that was used in combination with other flaws to bypass Java sandbox restrictions. (CVE-2012-0547) All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 61769 |
published | 2012-09-04 |
reporter | This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/61769 |
title | RHEL 6 : java-1.7.0-openjdk (RHSA-2012:1223) |
NASL family | Red Hat Local Security Checks |
NASL id | REDHAT-RHSA-2012-1289.NASL |
description | Updated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2012-0547, CVE-2012-0551, CVE-2012-1682, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1719, CVE-2012-1721, CVE-2012-1722, CVE-2012-1725, CVE-2012-1726, CVE-2012-3136, CVE-2012-4681) All users of java-1.7.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 7 SR2 release. All running instances of IBM Java must be restarted for the update to take effect. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 62196 |
published | 2012-09-19 |
reporter | This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/62196 |
title | RHEL 6 : java-1.7.0-ibm (RHSA-2012:1289) |
NASL family | Scientific Linux Local Security Checks |
NASL id | SL_20120904_JAVA_1_6_0_SUN_ON_SL5_X.NASL |
description | These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password. To be successfully exploited, an unsuspecting user running an affected release in a browser will need to visit a malicious web page that leverages this vulnerability. Successful exploits can impact the availability, integrity, and confidentiality of the user |
last seen | 2020-03-18 |
modified | 2012-09-13 |
plugin id | 62071 |
published | 2012-09-13 |
reporter | This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/62071 |
title | Scientific Linux Security Update : java-1.6.0-sun on SL5.x i386/x86_64 (20120904) |
NASL family | MacOS X Local Security Checks |
NASL id | MACOSX_JAVA_10_6_UPDATE10.NASL |
description | The remote Mac OS X host is running a version of Java for Mac OS X 10.6 that is missing Update 10, which updates the Java version to 1.6.0_35. As such, it potentially contains two methods that do not properly restrict access to information about other classes. Specifically, the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 61997 |
published | 2012-09-06 |
reporter | This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/61997 |
title | Mac OS X : Java for Mac OS X 10.6 Update 10 |
NASL family | Oracle Linux Local Security Checks |
NASL id | ORACLELINUX_ELSA-2012-1223.NASL |
description | From Red Hat Security Advisory 2012:1223 : Updated java-1.7.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple improper permission check issues were discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2012-4681, CVE-2012-1682, CVE-2012-3136) A hardening fix was applied to the AWT component in OpenJDK, removing functionality from the restricted SunToolkit class that was used in combination with other flaws to bypass Java sandbox restrictions. (CVE-2012-0547) All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 68611 |
published | 2013-07-12 |
reporter | This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/68611 |
title | Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2012-1223) |
NASL family | Scientific Linux Local Security Checks |
NASL id | SL_20120903_JAVA_1_7_0_OPENJDK_ON_SL6_X.NASL |
description | These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple improper permission check issues were discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2012-4681, CVE-2012-1682, CVE-2012-3136) A hardening fix was applied to the AWT component in OpenJDK, removing functionality from the restricted SunToolkit class that was used in combination with other flaws to bypass Java sandbox restrictions. (CVE-2012-0547) All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. |
last seen | 2020-03-18 |
modified | 2012-09-05 |
plugin id | 61786 |
published | 2012-09-05 |
reporter | This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/61786 |
title | Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20120903) |
NASL family | SuSE Local Security Checks |
NASL id | SUSE_11_JAVA-1_6_0-OPENJDK-121023.NASL |
description | java-openjdk was upgraded to version 1.11.5 to fix various security and non-security issues. |
last seen | 2020-06-05 |
modified | 2013-01-25 |
plugin id | 64169 |
published | 2013-01-25 |
reporter | This script is Copyright (C) 2013-2020 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/64169 |
title | SuSE 11.2 Security Update : OpenJDK (SAT Patch Number 6987) |
NASL family | FreeBSD Local Security Checks |
NASL id | FREEBSD_PKG_16846D1EF1DE11E18BD80022156E8794.NASL |
description | US-CERT reports : Oracle Java Runtime Environment (JRE) 1.7 contains a vulnerability that may allow an applet to call setSecurityManager in a way that allows setting of arbitrary permissions. By leveraging the public, privileged getField() function, an untrusted Java applet can escalate its privileges by calling the setSecurityManager() function to allow full privileges, without requiring code signing. This vulnerability is being actively exploited in the wild, and exploit code is publicly available. This exploit does not only affect Java applets, but every piece of software that relies on the Java Security Manager for sandboxing executable code is affected: malicious code can totally disable Security Manager. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 61740 |
published | 2012-08-31 |
reporter | This script is Copyright (C) 2012-2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/61740 |
title | FreeBSD : Java 1.7 -- security manager bypass (16846d1e-f1de-11e1-8bd8-0022156e8794) |
NASL family | Misc. |
NASL id | ORACLE_JAVA7_UPDATE6_UNIX.NASL |
description | The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is earlier than 7 Update 7 and is, therefore, potentially affected the following vulnerabilities : - The |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 64841 |
published | 2013-02-22 |
reporter | This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/64841 |
title | Oracle Java SE 7 < Update 7 Multiple Vulnerabilities (Unix) |
NASL family | Mandriva Local Security Checks |
NASL id | MANDRIVA_MDVSA-2012-150.NASL |
description | Multiple security issues were identified and fixed in OpenJDK (icedtea6) : Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited. NOTE: this identifier was assigned by the Oracle CNA, but CVE is not intended to cover defense-in-depth issues that are only exposed by the presence of other vulnerabilities (CVE-2012-0547). Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136 (CVE-2012-1682). The updated packages provides icedtea6-1.11.4 which is not vulnerable to these issues. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 62444 |
published | 2012-10-06 |
reporter | This script is Copyright (C) 2012-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/62444 |
title | Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2012:150-1) |
NASL family | SuSE Local Security Checks |
NASL id | OPENSUSE-2012-592.NASL |
description | Java-1_7_0-openjdk was updated to fix a remote exploit (CVE-2012-4681). Also bugfixes were done : - fix build on ARM and i586 - remove files that are no longer used - zero build can be enabled using rpmbuild (osc build) --with zero - add hotspot 2.1 needed for zero - fix filelist on %(ix86) - Security fixes - S7162476, CVE-2012-1682: XMLDecoder security issue via ClassFinder - S7194567, CVE-2012-3136: Improve long term persistence of java.beans objects - S7163201, CVE-2012-0547: Simplify toolkit internals references - RH852051, CVE-2012-4681, S7162473: Reintroduce PackageAccessible checks removed in 6788531. - OpenJDK - Fix Zero FTBFS issues with 2.3 - S7180036: Build failure in Mac platform caused by fix # 7163201 - S7182135: Impossible to use some editors directly - S7183701: [TEST] closed/java/beans/security/TestClassFinder.java – compilation failed - S7185678: java/awt/Menu/NullMenuLabelTest/NullMenuLabelTest.java failed with NPE - Bug fixes - PR1149: Zero-specific patch files not being packaged - use icedtea tarball for build again, this led into following dropped files because the are already in the tarball and simplified %prep and %build - drop class-rewriter.tar.gz - drop systemtap-tapset.tar.gz - drop desktop-files.tar.gz - drop nss.cfg - drop pulseaudio.tar.gz - drop remove-intree-libraries.sh - add archives from icedtea7-forest-2.3 for openjdk, corba, jaxp, jaxws, jdk, langtools and hotspot - drop rhino.patch, pulse-soundproperties and systemtap patch - move gnome bridge patches before make as it |
last seen | 2020-06-05 |
modified | 2014-06-13 |
plugin id | 74748 |
published | 2014-06-13 |
reporter | This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/74748 |
title | openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2012:1154-1) |
NASL family | Gentoo Local Security Checks |
NASL id | GENTOO_GLSA-201401-30.NASL |
description | The remote host is affected by the vulnerability described in GLSA-201401-30 (Oracle JRE/JDK: Multiple vulnerabilities) Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below for details. Impact : An unauthenticated, remote attacker could exploit these vulnerabilities to execute arbitrary code. Furthermore, a local or remote attacker could exploit these vulnerabilities to cause unspecified impact, possibly including remote execution of arbitrary code. Workaround : There is no known workaround at this time. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 72139 |
published | 2014-01-27 |
reporter | This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/72139 |
title | GLSA-201401-30 : Oracle JRE/JDK: Multiple vulnerabilities (ROBOT) |
NASL family | SuSE Local Security Checks |
NASL id | SUSE_11_JAVA-1_7_0-IBM-120919.NASL |
description | IBM Java 1.7.0 was updated to SR2 which fixes critical security issues. |
last seen | 2020-06-05 |
modified | 2013-01-25 |
plugin id | 64170 |
published | 2013-01-25 |
reporter | This script is Copyright (C) 2013-2020 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/64170 |
title | SuSE 11.2 Security Update : IBM Java (SAT Patch Number 6839) |
NASL family | Fedora Local Security Checks |
NASL id | FEDORA_2012-13100.NASL |
description | This update is fixing recent important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE. It was discovered that the Beans component in OpenJDK did not perform permission checks properly. An untrusted Java application or applet could use this flaw to use classes from restricted packages, allowing it to bypass Java sandbox restrictions. (CVE-2012-4681) http://blog.fuseyism.com/index.php/2012/08/31/security-icedtea6-1-10-9 -1-11-4-icedtea-2-3-2-released/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. |
last seen | 2020-03-17 |
modified | 2012-09-18 |
plugin id | 62142 |
published | 2012-09-18 |
reporter | This script is Copyright (C) 2012-2020 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/62142 |
title | Fedora 18 : java-1.7.0-openjdk-1.7.0.6-2.3.1.fc18.2 (2012-13100) |
NASL family | Red Hat Local Security Checks |
NASL id | REDHAT-RHSA-2012-1225.NASL |
description | Updated java-1.7.0-oracle packages that fix several security issues are now available for Red Hat Enterprise Linux 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The Oracle Java 7 release includes the Oracle Java 7 Runtime Environment and the Oracle Java 7 Software Development Kit. This update fixes several vulnerabilities in the Oracle Java 7 Runtime Environment and the Oracle Java 7 Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Security Alert page, listed in the References section. (CVE-2012-4681, CVE-2012-1682, CVE-2012-3136, CVE-2012-0547) Red Hat is aware that a public exploit for CVE-2012-4681 is available that executes code without user interaction when a user visits a malicious web page using a browser with the Oracle Java 7 web browser plug-in enabled. All users of java-1.7.0-oracle are advised to upgrade to these updated packages, which provide Oracle Java 7 Update 7 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 61770 |
published | 2012-09-04 |
reporter | This script is Copyright (C) 2012-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/61770 |
title | RHEL 6 : java-1.7.0-oracle (RHSA-2012:1225) |
NASL family | Fedora Local Security Checks |
NASL id | FEDORA_2012-13138.NASL |
description | This update is fixing recent important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE. It was discovered that the Beans component in OpenJDK did not perform permission checks properly. An untrusted Java application or applet could use this flaw to use classes from restricted packages, allowing it to bypass Java sandbox restrictions. (CVE-2012-4681) Updated to latest IcedTea7 2.3 based on latest build of OpenJDK u6. http://blog.fuseyism.com/index.php/2012/08/31/security-icedtea6-1-10-9 -1-11-4-icedtea-2-3-2-released/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. |
last seen | 2020-03-17 |
modified | 2012-09-04 |
plugin id | 61761 |
published | 2012-09-04 |
reporter | This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/61761 |
title | Fedora 16 : java-1.7.0-openjdk-1.7.0.6-2.3.1.fc16.2 (2012-13138) |
NASL family | MacOS X Local Security Checks |
NASL id | MACOSX_JAVA_2012-005.NASL |
description | The remote Mac OS X 10.7 or 10.8 host is running a version of Java for Mac OS X that is missing update 2012-005, which updates the Java version to 1.6.0_35. As such, it potentially contains two methods that do not properly restrict access to information about other classes. Specifically, the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 61998 |
published | 2012-09-06 |
reporter | This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/61998 |
title | Mac OS X : Java for OS X 2012-005 |
NASL family | Windows |
NASL id | ORACLE_JAVA7_UPDATE6.NASL |
description | The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is earlier than 7 Update 7 and is, therefore, potentially affected the following vulnerabilities : - The |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 61681 |
published | 2012-08-27 |
reporter | This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/61681 |
title | Oracle Java SE 7 < Update 7 Multiple Vulnerabilities |
NASL family | Misc. |
NASL id | ORACLE_JAVA6_UPDATE35_UNIX.NASL |
description | The version of Oracle (formerly Sun) Java Runtime Environment (JRE) 6.x installed on the remote host is earlier than Update 35. It is, therefore, affected by the following vulnerabilities: - Multiple improper permission check issues were discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to use classes from restricted packages, allowing it to bypass Java sandbox restrictions. (CVE-2012-4681, CVE-2012-1682, CVE-2012-3136, CVE-2012-0547) Please note this issue is not directly exploitable, rather it can aid in attacks against other, directly exploitable vulnerabilities, such as that found in CVE-2012-4681. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 64839 |
published | 2013-02-22 |
reporter | This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/64839 |
title | Oracle Java JDK / JRE 6 < Update 35 Multiple Vulnerabilities |
NASL family | CentOS Local Security Checks |
NASL id | CENTOS_RHSA-2012-1223.NASL |
description | Updated java-1.7.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple improper permission check issues were discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2012-4681, CVE-2012-1682, CVE-2012-3136) A hardening fix was applied to the AWT component in OpenJDK, removing functionality from the restricted SunToolkit class that was used in combination with other flaws to bypass Java sandbox restrictions. (CVE-2012-0547) All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 61789 |
published | 2012-09-06 |
reporter | This script is Copyright (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/61789 |
title | CentOS 6 : java-1.7.0-openjdk (CESA-2012:1223) |
Redhat
advisories | bugzilla | id | 853228 | title | CVE-2012-0547 OpenJDK: AWT hardening fixes (AWT, 7163201) |
| oval | OR | comment | Red Hat Enterprise Linux must be installed | oval | oval:com.redhat.rhba:tst:20070304026 |
AND | comment | Red Hat Enterprise Linux 6 is installed | oval | oval:com.redhat.rhba:tst:20111656003 |
OR | AND | comment | java-1.7.0-openjdk is earlier than 1:1.7.0.5-2.2.1.el6_3.3 | oval | oval:com.redhat.rhsa:tst:20121223001 |
comment | java-1.7.0-openjdk is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20121009010 |
|
AND | comment | java-1.7.0-openjdk-javadoc is earlier than 1:1.7.0.5-2.2.1.el6_3.3 | oval | oval:com.redhat.rhsa:tst:20121223003 |
comment | java-1.7.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20121009002 |
|
AND | comment | java-1.7.0-openjdk-demo is earlier than 1:1.7.0.5-2.2.1.el6_3.3 | oval | oval:com.redhat.rhsa:tst:20121223005 |
comment | java-1.7.0-openjdk-demo is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20121009008 |
|
AND | comment | java-1.7.0-openjdk-src is earlier than 1:1.7.0.5-2.2.1.el6_3.3 | oval | oval:com.redhat.rhsa:tst:20121223007 |
comment | java-1.7.0-openjdk-src is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20121009006 |
|
AND | comment | java-1.7.0-openjdk-devel is earlier than 1:1.7.0.5-2.2.1.el6_3.3 | oval | oval:com.redhat.rhsa:tst:20121223009 |
comment | java-1.7.0-openjdk-devel is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhsa:tst:20121009004 |
|
|
|
|
| rhsa | id | RHSA-2012:1223 | released | 2012-09-03 | severity | Important | title | RHSA-2012:1223: java-1.7.0-openjdk security update (Important) |
|
|
rpms | - java-1.7.0-openjdk-1:1.7.0.5-2.2.1.el6_3.3
- java-1.7.0-openjdk-debuginfo-1:1.7.0.5-2.2.1.el6_3.3
- java-1.7.0-openjdk-demo-1:1.7.0.5-2.2.1.el6_3.3
- java-1.7.0-openjdk-devel-1:1.7.0.5-2.2.1.el6_3.3
- java-1.7.0-openjdk-javadoc-1:1.7.0.5-2.2.1.el6_3.3
- java-1.7.0-openjdk-src-1:1.7.0.5-2.2.1.el6_3.3
- java-1.7.0-oracle-1:1.7.0.7-1jpp.5.el6_3
- java-1.7.0-oracle-devel-1:1.7.0.7-1jpp.5.el6_3
- java-1.7.0-oracle-jdbc-1:1.7.0.7-1jpp.5.el6_3
- java-1.7.0-oracle-plugin-1:1.7.0.7-1jpp.5.el6_3
- java-1.7.0-oracle-src-1:1.7.0.7-1jpp.5.el6_3
- java-1.7.0-ibm-1:1.7.0.2.0-1jpp.3.el6_3
- java-1.7.0-ibm-demo-1:1.7.0.2.0-1jpp.3.el6_3
- java-1.7.0-ibm-devel-1:1.7.0.2.0-1jpp.3.el6_3
- java-1.7.0-ibm-jdbc-1:1.7.0.2.0-1jpp.3.el6_3
- java-1.7.0-ibm-plugin-1:1.7.0.2.0-1jpp.3.el6_3
- java-1.7.0-ibm-src-1:1.7.0.2.0-1jpp.3.el6_3
|
Saint
bid | 55213 |
description | Oracle Java findMethod findClass Security Bypass |
id | web_client_jre |
osvdb | 84867 |
title | oracle_java_findclass_findmethod_security_bypass |
type | client |
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 55339 CVE ID: CVE-2012-0547 Sun Java Runtime Environment是一款为JAVA应用程序提供可靠的运行环境的解决方案。 Oracle Java SE 7 Update 6及之前版本、6 Update 34及之前版本的JRE组件中存在不明细节漏洞,影响目前未知。 0 Sun JRE 1.x 厂商补丁: Oracle ------ Oracle已经为此发布了一个安全公告(alert-cve-2012-4681-1835715)以及相应补丁: alert-cve-2012-4681-1835715:Oracle Security Alert for CVE-2012-4681 链接:http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html |
id | SSV:60367 |
last seen | 2017-11-19 |
modified | 2012-09-04 |
published | 2012-09-04 |
reporter | Root |
title | Oracle Sun JRE 1.x 远程JRE漏洞 |