CVE-2012-5089
Published: 16 October 2012
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than CVE-2012-3143.
Priority
Medium
Status
| Package | Release | Status |
|---|---|---|
|
icedtea-web Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
|
openjdk-6 Launchpad, Ubuntu, Debian |
Upstream |
Released
(1.10.10, 1.11.5)
|
|
openjdk-6b18 Launchpad, Ubuntu, Debian |
Upstream |
Released
(1.10.10, 1.11.5)
|
|
openjdk-7 Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.1.3, 2.2.3, 2.3.3)
|
|
sun-java5 Launchpad, Ubuntu, Debian |
Upstream |
Ignored
(end of life)
|
|
sun-java6 Launchpad, Ubuntu, Debian |
Upstream |
Released
(6 update 36)
|
Notes
| Author | Note |
|---|---|
| mdeslaur | in lucid+, NetX and the plugin moved to the icedtea-web package |
| jdstrand | openjdk-6b18 FTBFS on 11.04 (LP: #1043003) |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5089
- http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
- http://www.oracle.com/technetwork/topics/security/javacpuoct2012verbose-1515981.html
- http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-October/020571.html
- http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-October/020556.html
- https://usn.ubuntu.com/usn/usn-1619-1
- NVD
- Launchpad
- Debian