Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:oracle:jdk:1.5.0:update_36:*:*:*:*:*:*
  • CPE Name Search: true
There are 104 matching records.
Displaying matches 101 through 104.
Vuln ID Summary CVSS Severity
CVE-2012-3216

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.

Published: October 16, 2012; 5:55:01 PM -0400
V3.x:(not available)
V2.0: 2.6 LOW
CVE-2012-3143

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than CVE-2012-5089.

Published: October 16, 2012; 5:55:01 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2012-1531

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Published: October 16, 2012; 5:55:01 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2012-4681

Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.

Published: August 27, 2012; 8:55:01 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH