CVE-2012-0551

NameCVE-2012-0551
DescriptionUnspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE 7 update 4 and earlier and 6 update 32 and earlier, and the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Container or Deployment.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium (attack range: remote)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
glassfish (PTS)jessie1:2.1.1-b31g+dfsg1-2fixed
stretch1:2.1.1-b31g+dfsg1-4fixed
openjdk-7 (PTS)jessie7u181-2.6.14-1~deb8u1fixed
jessie (security)7u181-2.6.14-2~deb8u1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
glassfishsource(unstable)(not affected)
openjdk-6source(unstable)(not affected)
openjdk-7source(unstable)(not affected)

Notes

- glassfish <not-affected> (Debian only builds some core libs, not the full application stack)
- openjdk-6 <not-affected> (specific to Oracle Java)
- openjdk-7 <not-affected> (specific to Oracle Java)

Search for package or bug name: Reporting problems