Description

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to HotSpot.

References

• BID-50242
• CVE-2011-3558
• OVAL-OVAL13475
• REDHAT-RHSA-2011:1384
• URL: http://www.vmware.com/security/advisories/VMSA-2012-0003.html
• XF-70835

Solution

Related Vulnerabilities

• Amazon Linux AMI: Security patch for java-1.6.0-openjdk (ALAS-2011-10) (multiple CVEs)
• SUSE Linux Security Vulnerability: CVE-2011-3558
• Gentoo Linux: CVE-2011-3558: IcedTea JDK: Multiple vulnerabilities
• Java CPU October 2011 Java Runtime Environment HotSpot vulnerability (CVE-2011-3558)
• RHSA-2011:1384: java-1.6.0-sun security update
• Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 5
• HP Systems Insight Manager - HPSBMU02769 (CVE-2011-3558): HP-UX, Linux, and Windows, Remote Unauthorized Access, Execution of Arbitrary Code, and Other Vulnerabilities
• VMSA-2012-0005: ESX update for Oracle JRE 1.6.0_30 (CVE-2011-3558)
• Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 4
• HP-UX: CVE-2011-3558: Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
• RHSA-2011:1380: java-1.6.0-openjdk security update
• USN-1263-1: IcedTea-Web, OpenJDK 6 vulnerabilities
• ELSA-2011-1380 Critical: Oracle Linux java-1.6.0-openjdk security update
• Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 6
• Cent OS: CVE-2011-3558: CESA-2011:1380 (java-1.6.0-openjdk)
• Apple Java security update for CVE-2011-3558