Back to search

Oracle Security Alert: Java Runtime Environment Libraries vulnerability (CVE-2012-3174)

Severity CVSS Published Added Modified
10 (AV:N/AC:L/Au:N/C:C/I:C/A:C) January 10, 2013 January 13, 2013 February 08, 2013

Description

Unspecified vulnerability in Oracle Java 7 before Update 11 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-0422. NOTE: some parties have mapped CVE-2012-3174 to an issue involving recursive use of the Reflection API, but that issue is already covered as part of CVE-2013-0422. This identifier is for a different vulnerability whose details are not public as of 20130114.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

Oracle JRE >= 1.7.0.0 and < 1.7.0.11

Upgrade to Oracle Java version 1.7.0.11

Upgrade your copy of the Java Runtime Environment to 1.7.0.11, which can be downloaded from here.

Related Vulnerabilities