CVE-2012-1533

Published Oct 16, 2012

Last updated 3 years ago

Overview

Description
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 35 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2012-3159.
Source
cve@mitre.org
NVD status
Modified

Risk scores

CVSS 2.0

Type
Primary
Base score
10
Impact score
10
Exploitability score
10
Vector string
AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov
NVD-CWE-noinfo

Social media

Hype score
Not currently trending

Evaluator

Comment
-
Impact
Per: http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html "Applies to client deployment of Java only. This vulnerability can be exploited only through untrusted Java Web Start applications and untrusted Java applets. (Untrusted Java Web Start applications and untrusted applets run in the Java sandbox with limited privileges.)"
Solution
Per: http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html "Applies to client deployment of Java only. This vulnerability can be exploited only through untrusted Java Web Start applications and untrusted Java applets. (Untrusted Java Web Start applications and untrusted applets run in the Java sandbox with limited privileges.)"

Configurations