mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
187 lines
7.2 KiB
JSON
187 lines
7.2 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "secalert_us@oracle.com",
|
|
"ID": "CVE-2012-0507",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "HPSBUX02784",
|
|
"refsource": "HP",
|
|
"url": "http://marc.info/?l=bugtraq&m=133847939902305&w=2"
|
|
},
|
|
{
|
|
"name": "http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html"
|
|
},
|
|
{
|
|
"name": "48692",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/48692"
|
|
},
|
|
{
|
|
"name": "HPSBMU02799",
|
|
"refsource": "HP",
|
|
"url": "http://marc.info/?l=bugtraq&m=134254866602253&w=2"
|
|
},
|
|
{
|
|
"name": "http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/",
|
|
"refsource": "MISC",
|
|
"url": "http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/"
|
|
},
|
|
{
|
|
"name": "48589",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/48589"
|
|
},
|
|
{
|
|
"name": "SSRT100805",
|
|
"refsource": "HP",
|
|
"url": "http://marc.info/?l=bugtraq&m=133365109612558&w=2"
|
|
},
|
|
{
|
|
"name": "http://weblog.ikvm.net/PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3",
|
|
"refsource": "MISC",
|
|
"url": "http://weblog.ikvm.net/PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3"
|
|
},
|
|
{
|
|
"name": "SUSE-SU-2012:0602",
|
|
"refsource": "SUSE",
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html"
|
|
},
|
|
{
|
|
"name": "RHSA-2013:1455",
|
|
"refsource": "REDHAT",
|
|
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
|
|
},
|
|
{
|
|
"name": "SUSE-SU-2012:0603",
|
|
"refsource": "SUSE",
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html"
|
|
},
|
|
{
|
|
"name": "48950",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/48950"
|
|
},
|
|
{
|
|
"name": "48948",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/48948"
|
|
},
|
|
{
|
|
"name": "http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx",
|
|
"refsource": "MISC",
|
|
"url": "http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx"
|
|
},
|
|
{
|
|
"name": "SSRT100871",
|
|
"refsource": "HP",
|
|
"url": "http://marc.info/?l=bugtraq&m=133847939902305&w=2"
|
|
},
|
|
{
|
|
"name": "48915",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/48915"
|
|
},
|
|
{
|
|
"name": "HPSBUX02757",
|
|
"refsource": "HP",
|
|
"url": "http://marc.info/?l=bugtraq&m=133364885411663&w=2"
|
|
},
|
|
{
|
|
"name": "DSA-2420",
|
|
"refsource": "DEBIAN",
|
|
"url": "http://www.debian.org/security/2012/dsa-2420"
|
|
},
|
|
{
|
|
"name": "RHSA-2012:0508",
|
|
"refsource": "REDHAT",
|
|
"url": "http://rhn.redhat.com/errata/RHSA-2012-0508.html"
|
|
},
|
|
{
|
|
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=788994",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=788994"
|
|
},
|
|
{
|
|
"name": "SSRT100867",
|
|
"refsource": "HP",
|
|
"url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"
|
|
},
|
|
{
|
|
"name": "RHSA-2012:0514",
|
|
"refsource": "REDHAT",
|
|
"url": "http://rhn.redhat.com/errata/RHSA-2012-0514.html"
|
|
},
|
|
{
|
|
"name": "52161",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/52161"
|
|
},
|
|
{
|
|
"name": "HPSBUX02760",
|
|
"refsource": "HP",
|
|
"url": "http://marc.info/?l=bugtraq&m=133365109612558&w=2"
|
|
},
|
|
{
|
|
"name": "SSRT100779",
|
|
"refsource": "HP",
|
|
"url": "http://marc.info/?l=bugtraq&m=133364885411663&w=2"
|
|
},
|
|
{
|
|
"name": "HPSBMU02797",
|
|
"refsource": "HP",
|
|
"url": "http://marc.info/?l=bugtraq&m=134254957702612&w=2"
|
|
}
|
|
]
|
|
}
|
|
} |