Vulnerability: Multiple vulnerabilities in Oracle Java
Danger: High
Patch: Yes
Number of vulnerabilities: 29
Impact:
– Denial of service;
– Disclosure of sensitive data;
– Unauthorized manipulation of data;
– System compromise.
Affected Products: Oracle JavaFX 2.x
Affected versions:
– JDK and JRE 7 Update 7 and earlier versions;
– JDK and JRE 6 Update 35 and earlier;
– JDK and JRE 5.0 Update 36 and earlier;
– SDK and JRE 1.4.2_38 and earlier;
– JavaFX 2.2 and earlier versions.
Description:
Which can be exploited by malicious people to make unauthorized modification of data, access to sensitive information, cause a denial of service or compromise a vulnerable system.
1. The vulnerability is caused due to an unspecified error in the component 2D. A remote user can execute arbitrary code on the target system.
2. The vulnerability is caused due to an unspecified error in the component 2D. A remote user can execute arbitrary code on the target system.
3. The vulnerability is caused due to an unspecified error in the component Beans. A remote user can execute arbitrary code on the target system.
4. The vulnerability is caused due to an unspecified error in the component Beans. A remote user can execute arbitrary code on the target system.
5. The vulnerability is caused due to an unspecified error in the component Deployment. A remote user can execute arbitrary code on the target system.
6. The vulnerability is caused due to an unspecified error in the component Deployment. A remote user can execute arbitrary code on the target system.
7. The vulnerability is caused due to an unspecified error in the component JAX-WS. A remote user can execute arbitrary code on the target system.
8. The vulnerability is caused due to an unspecified error in the component JMX. A remote user can execute arbitrary code on the target system.
9. The vulnerability is caused due to an unspecified error in the component Libraries. A remote user can execute arbitrary code on the target system.
10. The vulnerability is caused due to an unspecified error in the component JavaFX. A remote user can execute arbitrary code on the target system.
11. The vulnerability is caused due to an unspecified error in the component JMX. A remote user can execute arbitrary code on the target system.
12. The vulnerability is caused due to an unspecified error in the component Swing. A remote user can execute arbitrary code on the target system.
13. The vulnerability is caused due to an unspecified error in the component JavaFX. A remote user can execute arbitrary code on the target system.
14. The vulnerability is caused due to an unspecified error in the component Deployment. A remote user can view and modify certain data and cause a denial of service.
15. The vulnerability is caused due to an unspecified error in the component Libraries. A remote user can view and modify certain data and cause a denial of service.
16. The vulnerability is caused due to an unspecified error in the component Hotspot. A remote user can view and modify some data.
17. The vulnerability is caused due to an unspecified error in the component JAX-WS. A remote user can view and modify some data.
18. The vulnerability is caused due to an unspecified error in the component JMX. A remote user can view and modify some data.
19. The vulnerability is caused due to an unspecified error in the component Concurrency. A remote user can view and modify some data.
20. The vulnerability is caused due to an unspecified error in the component Deployment. A remote user can view and modify some data.
21. The vulnerability is caused due to an unspecified error in the component JMX. A remote user can view and modify some data.
22. The vulnerability is caused due to an unspecified error in the component JMX. A remote user can view and modify some data.
23. The vulnerability is caused due to an unspecified error in the component Libraries. A remote user can view and modify some data.
24. The vulnerability is caused due to an unspecified error in the component Libraries. A remote user can view and modify some data.
25. The vulnerability is caused due to an unspecified error in the component Security. A remote user can view and modify some data.
26. The vulnerability is caused due to an unspecified error in the component JSSE. This can be a DoS attack.
27. The vulnerability is caused due to an unspecified error in the component JavaFX. This can be a DoS attack.
28. The vulnerability is caused due to an unspecified error in the component Libraries. A remote user can gain access to sensitive data.
29. The vulnerability is caused due to an unspecified error in the component Security. A remote user can gain access to sensitive data.
Manufacturer : Oracle Corporation
Solution: Install the update from the manufacturer.
Links:
http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html