Red Hat Customer Portal

Skip to main content

CVE-2012-3174

Unspecified vulnerability in Oracle Java 7 before Update 11 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-0422. NOTE: some parties have mapped CVE-2012-3174 to an issue involving recursive use of the Reflection API, but that issue is already covered as part of CVE-2013-0422. This identifier is for a different vulnerability whose details are not public as of 20130114.

Details Source

Mitre

Public Date

2013-01-13 00:00:00

Impact

Critical

Bugzilla

CVE-2012-3174 OpenJDK: MethodHandles incorrect permission checks (Libraries, 8004933)

Bugzilla ID

894 934

CVSS Status

verified

Base Score

6.80

Base Metrics

AV:N/AC:M/Au:N/C:P/I:P/A:P

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 6 (java-1.7.0-openjdk) RHSA-2013:0165 2013-01-16
Red Hat Enterprise Linux Supplementary (v. 6) (java-1.7.0-oracle) RHSA-2013:0156 2013-01-14
Red Hat Enterprise Linux Supplementary (v. 6) (java-1.7.0-ibm) RHSA-2013:0626 2013-03-11
Red Hat Enterprise Linux Supplementary 5 (java-1.7.0-oracle) RHSA-2013:0156 2013-01-14
Red Hat Enterprise Linux 5 (java-1.7.0-openjdk) RHSA-2013:0165 2013-01-16
Red Hat Enterprise Linux Supplementary 5 (java-1.7.0-ibm) RHSA-2013:0626 2013-03-11

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 6 java-1.6.0-ibm Not affected
Red Hat Enterprise Linux 6 java-1.5.0-ibm Not affected
Red Hat Enterprise Linux 5 java-1.6.0-ibm Not affected
Red Hat Enterprise Linux 5 java-1.5.0-ibm Not affected