Release date:
Updated on:
Affected Systems:
Oracle Sun JRE (Windows Production Re
Oracle Sun JRE (Windows Production Re
Oracle Sun JRE (Solaris Production Re
Oracle Sun JRE (Solaris Production Re
Oracle Sun JRE (Linux Production Rele
Oracle Sun JRE (Linux Production Rele
Description:
--------------------------------------------------------------------------------
Bugtraq id: 57312
CVE (CAN) ID: CVE-2012-3174
Oracle Java Runtime Environment (JRE) is a solution that provides a reliable Runtime Environment for JAVA applications.
Oracle Java 7 before Update 11 has a security vulnerability in implementation, which allows remote attackers to execute arbitrary code. This vulnerability may be related to the findClass method in the MBeanInstantiator class and the recycling of the reflected API.
<* Source: Eric Maurice
Link: http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html
Http://www.kb.cert.org/vuls/id/625617
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Oracle
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.oracle.com/technetwork/topics/security/