SUSE.Security.update.for.IBM.Java.1.4.2.SUSE-SU-2012:1490-1

description-logoDescription

SUSE released update packages for Java that fixed multiple critical vulnerabilities:
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries. (CVE-2012-3216)
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. (CVE-2012-5073)
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries. (CVE-2012-5079)
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect availability, related to JSSE. (CVE-2012-5081)
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, 1.4.2_38 and earlier, and JavaFX 2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. (CVE-2012-5083)
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing. (CVE-2012-5084)

affected-products-logoAffected Products

SUSE Linux Enterprise Software Development Kit 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 10 SP4
SUSE Linux Enterprise Java 11 SP2
SUSE Linux Enterprise Java 10 SP4

Impact logoImpact

These vulnerabilities could potentially allow remote attackers to execute arbitrary code or to cause denial of service on vulnerable systems.

recomended-action-logoRecommended Actions

Please download and apply patches as instructed in
SUSE-SU-2012:1490-1 https://www.suse.com/support/update/announcement/2012/suse-su-20121490-1.html

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)