CVE-2012-0503
Published: 15 February 2012
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to I18n.
Notes
Author | Note |
---|---|
mdeslaur | in natty+, NetX and the plugin moved to the icedtea-web package |
sbeattie | red hat description: It was discovered that the use of TimeZone.setDefault() was not restricted by the SecurityManager, allowing an untrusted Java application or applet to set a new default time zone, and hence bypass Java sandbox restrictions. |
Priority
Status
Package | Release | Status |
---|---|---|
icedtea-web Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Not vulnerable
|
|
maverick |
Does not exist
|
|
natty |
Not vulnerable
|
|
oneiric |
Not vulnerable
|
|
precise |
Not vulnerable
|
|
quantal |
Not vulnerable
|
|
upstream |
Needs triage
|
|
openjdk-6 Launchpad, Ubuntu, Debian |
hardy |
Released
(6b27-1.12.3-0ubuntu1~08.04.1)
|
lucid |
Released
(6b20-1.9.13-0ubuntu1~10.04.1)
|
|
maverick |
Released
(6b20-1.9.13-0ubuntu1~10.10.1)
|
|
natty |
Released
(6b22-1.10.6-0ubuntu1)
|
|
oneiric |
Released
(6b23~pre11-0ubuntu1.11.10.2)
|
|
precise |
Not vulnerable
(6b24-1.11.1-0ubuntu1)
|
|
quantal |
Not vulnerable
(6b24-1.11.1-0ubuntu1)
|
|
upstream |
Needs triage
|
|
openjdk-6b18 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Released
(6b18-1.8.13-0ubuntu1~10.04.1)
|
|
maverick |
Released
(6b18-1.8.13-0ubuntu1~10.10.1)
|
|
natty |
Released
(6b18-1.8.13-0ubuntu1~11.04.1)
|
|
oneiric |
Ignored
(end of life)
|
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
upstream |
Needs triage
|
|
openjdk-7 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Released
(7u9-2.3.3-0ubuntu1~11.10.1)
|
|
precise |
Not vulnerable
(7~u3-2.1-1ubuntu1)
|
|
quantal |
Not vulnerable
(7~u3-2.1-1ubuntu1)
|
|
upstream |
Needs triage
|
|
sun-java5 Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
oneiric |
Does not exist
|
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
upstream |
Needs triage
|
|
sun-java6 Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Does not exist
(removed from archive)
|
|
maverick |
Does not exist
(removed from archive)
|
|
natty |
Does not exist
(removed from archive)
|
|
oneiric |
Does not exist
|
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
upstream |
Needs triage
|