Oracle Security Alert: Java Runtime Environment Libraries vulnerability (CVE-2012-3174)
|10||(AV:N/AC:L/Au:N/C:C/I:C/A:C)||January 10, 2013||January 13, 2013||February 08, 2013|
Unspecified vulnerability in Oracle Java 7 before Update 11 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-0422. NOTE: some parties have mapped CVE-2012-3174 to an issue involving recursive use of the Reflection API, but that issue is already covered as part of CVE-2013-0422. This identifier is for a different vulnerability whose details are not public as of 20130114.
Free Nexpose Download
Discover, prioritize, and remediate security risks today!
Oracle JRE >= 220.127.116.11 and < 18.104.22.168
Upgrade to Oracle Java version 22.214.171.124
Upgrade your copy of the Java Runtime Environment to 126.96.36.199, which can be downloaded from here.
- Amazon Linux AMI: java-1.7.0-openjdk Security Update - Remote Attack Vulnerability (ALAS-2013-151) (CVE-2012-3174)
- CESA-2013:0165: java-1.7.0-openjdk security update
- ELSA-2013-0165 Important: Oracle Linux 6 java-1.7.0-openjdk security update
- RHSA-2013:0156: java-1.7.0-oracle security update
- RHSA-2013:0165: java-1.7.0-openjdk security update
- RHSA-2013:0626: java-1.7.0-ibm security update
- SUSE Linux Security Advisory: SUSE-SU-2013:0199-1
- SUSE Linux Security Advisory: SUSE-SU-2013:0440-1
- USN-1693-1: OpenJDK 7 vulnerabilities