Multiple vulnerabilities in Oracle Java

Posted: October 18, 2012 in Vulnerabilities
Tags: , , ,

Java DangerVulnerability: Multiple vulnerabilities in Oracle Java

Danger: High
Patch: Yes
Number of vulnerabilities: 29

Impact:
Denial of service;
– Disclosure of sensitive data;
– Unauthorized manipulation of data;
– System compromise.

Affected Products: Oracle JavaFX 2.x

Affected versions:
– JDK and JRE 7 Update 7 and earlier versions;
– JDK and JRE 6 Update 35 and earlier;
– JDK and JRE 5.0 Update 36 and earlier;
– SDK and JRE 1.4.2_38 and earlier;
– JavaFX 2.2 and earlier versions.

Description:

Which can be exploited by malicious people to make unauthorized modification of data, access to sensitive information, cause a denial of service or compromise a vulnerable system.

1. The vulnerability is caused due to an unspecified error in the component 2D. A remote user can execute arbitrary code on the target system.

2. The vulnerability is caused due to an unspecified error in the component 2D. A remote user can execute arbitrary code on the target system.

3. The vulnerability is caused due to an unspecified error in the component Beans. A remote user can execute arbitrary code on the target system.

4. The vulnerability is caused due to an unspecified error in the component Beans. A remote user can execute arbitrary code on the target system.

5. The vulnerability is caused due to an unspecified error in the component Deployment. A remote user can execute arbitrary code on the target system.

6. The vulnerability is caused due to an unspecified error in the component Deployment. A remote user can execute arbitrary code on the target system.

7. The vulnerability is caused due to an unspecified error in the component JAX-WS. A remote user can execute arbitrary code on the target system.

8. The vulnerability is caused due to an unspecified error in the component JMX. A remote user can execute arbitrary code on the target system.

9. The vulnerability is caused due to an unspecified error in the component Libraries. A remote user can execute arbitrary code on the target system.

10. The vulnerability is caused due to an unspecified error in the component JavaFX. A remote user can execute arbitrary code on the target system.

11. The vulnerability is caused due to an unspecified error in the component JMX. A remote user can execute arbitrary code on the target system.

12. The vulnerability is caused due to an unspecified error in the component Swing. A remote user can execute arbitrary code on the target system.

13. The vulnerability is caused due to an unspecified error in the component JavaFX. A remote user can execute arbitrary code on the target system.

14. The vulnerability is caused due to an unspecified error in the component Deployment. A remote user can view and modify certain data and cause a denial of service.

15. The vulnerability is caused due to an unspecified error in the component Libraries. A remote user can view and modify certain data and cause a denial of service.

16. The vulnerability is caused due to an unspecified error in the component Hotspot. A remote user can view and modify some data.

17. The vulnerability is caused due to an unspecified error in the component JAX-WS. A remote user can view and modify some data.

18. The vulnerability is caused due to an unspecified error in the component JMX. A remote user can view and modify some data.

19. The vulnerability is caused due to an unspecified error in the component Concurrency. A remote user can view and modify some data.

20. The vulnerability is caused due to an unspecified error in the component Deployment. A remote user can view and modify some data.

21. The vulnerability is caused due to an unspecified error in the component JMX. A remote user can view and modify some data.

22. The vulnerability is caused due to an unspecified error in the component JMX. A remote user can view and modify some data.

23. The vulnerability is caused due to an unspecified error in the component Libraries. A remote user can view and modify some data.

24. The vulnerability is caused due to an unspecified error in the component Libraries. A remote user can view and modify some data.

25. The vulnerability is caused due to an unspecified error in the component Security. A remote user can view and modify some data.

26. The vulnerability is caused due to an unspecified error in the component JSSE. This can be a DoS attack.

27. The vulnerability is caused due to an unspecified error in the component JavaFX. This can be a DoS attack.

28. The vulnerability is caused due to an unspecified error in the component Libraries. A remote user can gain access to sensitive data.

29. The vulnerability is caused due to an unspecified error in the component Security. A remote user can gain access to sensitive data.

Manufacturer : Oracle Corporation

Solution: Install the update from the manufacturer.

Links:

http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s