Your submission was sent successfully! Close

CVE-2012-1682

Published: 3 September 2012

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder."

Priority

Medium

Status

Package Release Status
icedtea-web
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Not vulnerable

natty Not vulnerable

oneiric Not vulnerable

precise Not vulnerable

quantal Not vulnerable

upstream Needs triage

openjdk-6
Launchpad, Ubuntu, Debian
hardy
Released (6b27-1.12.3-0ubuntu1~08.04.1)
lucid
Released (6b24-1.11.4-1ubuntu0.10.04.1)
natty
Released (6b24-1.11.4-1ubuntu0.11.04.1)
oneiric
Released (6b24-1.11.4-1ubuntu0.11.10.1)
precise
Released (6b24-1.11.4-1ubuntu0.12.04.1)
quantal Not vulnerable
(6b24-1.11.4-3ubuntu1)
upstream Needs triage

openjdk-6b18
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Ignored
(reached end-of-life)
natty Ignored
(LP: #1043003)
oneiric Not vulnerable
(superceded)
precise Does not exist

quantal Does not exist

upstream Needs triage

openjdk-7
Launchpad, Ubuntu, Debian
hardy Does not exist

lucid Does not exist

natty Does not exist

oneiric
Released (7u9-2.3.3-0ubuntu1~11.10.1)
precise Not vulnerable
(7u7-2.3.2-1ubuntu0.12.04.1)
quantal Not vulnerable
(7u7-2.3.2-1ubuntu1)
upstream Needs triage

sun-java5
Launchpad, Ubuntu, Debian
hardy Ignored
(upstream sun-java5 is EoL)
lucid Does not exist

natty Does not exist

oneiric Does not exist

precise Does not exist

quantal Does not exist

upstream Needs triage

sun-java6
Launchpad, Ubuntu, Debian
hardy Ignored
(upstream version is not redistributable)
lucid Does not exist
(removed from archive)
natty Does not exist
(removed from archive)
oneiric Does not exist

precise Does not exist

quantal Does not exist

upstream Needs triage

Notes

AuthorNote
mdeslaur
in lucid+, NetX and the plugin moved to the icedtea-web package
sbeattie
armel on lucid and natty need FTBFS fixed

References