CVE-2012-1531
Published: 16 October 2012
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Priority
Medium
Status
| Package | Release | Status |
|---|---|---|
|
icedtea-web Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
openjdk-6 Launchpad, Ubuntu, Debian |
Upstream |
Released
(6 update 36)
|
|
openjdk-6b18 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
openjdk-7 Launchpad, Ubuntu, Debian |
Upstream |
Released
(7 update 8)
|
|
sun-java5 Launchpad, Ubuntu, Debian |
Upstream |
Released
(5.0 update 37)
|
|
sun-java6 Launchpad, Ubuntu, Debian |
Upstream |
Released
(6 update 36)
|
Notes
| Author | Note |
|---|---|
| mdeslaur | in lucid+, NetX and the plugin moved to the icedtea-web package |
| jdstrand | openjdk-6b18 FTBFS on 11.04 (LP: #1043003) http://rhn.redhat.com/errata/RHSA-2013-1467.html states this is Oracle JDK only, but based on Oracle advisory we claimed it was fixed in https://usn.ubuntu.com/usn/usn-1619-1. |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1531
- http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
- https://usn.ubuntu.com/usn/usn-1619-1
- NVD
- Launchpad
- Debian