Vulnerability & Exploit Database

Back to search

RHSA-2012:1225: java-1.7.0-oracle security update

Severity CVSS Published Added Modified
10 (AV:N/AC:L/Au:N/C:C/I:C/A:C) August 27, 2012 September 17, 2012 July 04, 2017

Available Exploits 

Description

The Oracle Java 7 release includes the Oracle Java 7 Runtime Environmentand the Oracle Java 7 Software Development Kit.This update fixes several vulnerabilities in the Oracle Java 7 RuntimeEnvironment and the Oracle Java 7 Software Development Kit. Furtherinformation about these flaws can be found on the Oracle Java SE SecurityAlert page, listed in the References section. (CVE-2012-4681,CVE-2012-1682, CVE-2012-3136, CVE-2012-0547)Red Hat is aware that a public exploit for CVE-2012-4681 is available thatexecutes code without user interaction when a user visits a malicious webpage using a browser with the Oracle Java 7 web browser plug-in enabled.All users of java-1.7.0-oracle are advised to upgrade to these updatedpackages, which provide Oracle Java 7 Update 7 and resolve these issues.All running instances of Oracle Java must be restarted for the update totake effect.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

redhat-upgrade-java-1-7-0-oracle

Related Vulnerabilities