Java JRE Updates June 2012

Click any highlighted term for further explanation. For more information, contact technical support.

	Details
Vulnerability name/brief description	Java JRE Updates June 2012
CVE/CAN name	CVE-2012-1713 CVE-2012-1722 CVE-2012-1723 CVE-2012-1725 CVE-2012-1716 CVE-2012-1720 CVE-2012-1717 CVE-2012-1721 CVE-2012-1711 CVE-2012-1726 CVE-2012-0551 CVE-2012-1719 CVE-2012-1718 CVE-2012-1724
Vendor threat level	Critical
SophosLabs threat level	High
Solution	Java JRE 1.6.0_32 Java JRE 1.7.0_04
Vendor description	A Critical Patch Update is a collection of patches for multiple security vulnerabilities. The Critical Patch Update for Java SE also includes non-security fixes. Critical Patch Updates are cumulative and each advisory describes only the security fixes added since the previous Critical Patch Update.
SophosLabs comments	No SophosLabs comments found
SophosLabs testing result	No SophosLabs testing result found
Currently known exploits	Exp/20121723-B CVE-2012-1723 Exp/20121723-A CVE-2012-1723 Troj/JavaDl-MU CVE-2012-1723 Exp/20121723-C CVE-2012-1723
First sample seen	No samples found
Discovery date	12 Jun 2012
Affected software	JDK and JRE 7 Update 4 and earlier JDK and JRE 6 Update 32 and earlier JDK and JRE 5.0 Update 35 and earlier SDK and JRE 1.4.2_37 and earlier JavaFX 2.1 and earlier
References	http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html
Credits	No credits found
Revisions	June 12, 2012 - Initial anlaysis written

Explanation of terms

Vulnerability Name/Brief Description:

Vendor identifier plus a brief description of the type of attack.

CVE/CAN Name:

Currently assigned CVE name. If a CVE name doesn't exist the CAN name will be used until a CVE has been assigned.

Vendor Threat Level:

Threat level assigned by the vendor

SophosLabs Threat Level:

Threat level assigned by SophosLabs

LOW RISK - There is little chance of this vulnerability being actively exploited by malware.
MEDIUM RISK - There is a possibility of this vulnerability being actively exploited by malware.
HIGH RISK - There is a strong possibility of this vulnerability being actively exploited by malware.
CRITICAL RISK - This vulnerability will almost certainly be actively exploited by malware.

Solution:

Vendor-supplied Patch identifier and recommended solution, or workaround if applicable.

Vendor Description:

Summary of the cause and potential effect of the vulnerability provided by the vendor.

SophosLabs Comments:

SophosLabs' opinions and observations of the vulnerability in question.

SophosLabs Testing Result:

Details of completed lab testing, if applicable. Please note that the lab test environment may differ significantly from user environments.

Currently Known Exploits:

List of identities for known exploits, if applicable.

First Sample Seen:

Date of the first sample seen by SophosLabs.

Discovery Date:

Date of the earliest known publically disclosed advisory.

Affected Software:

Vulnerable platforms and software versions.

Security Goals

INDUSTRIES & SECTORS

COMPANY SIZE

PRODUCT FEATURES

CASE STUDIES

Company Overview

Our People

INNOVATIVE TECHNOLOGY

ALERT SERVICES

Product Features

Product Families

Complete Security

PRODUCTS BY NAME

Free Tools

Next Steps

RESOURCES

FIND AN ANSWER

Support by Product

Maintain your Product

Hire an Expert

WHAT'S POPULAR

THREAT ANALYSIS

THREAT STATISTICS

WHAT'S POPULAR

Threat Definitions

THREAT MONITORING

SECURITY HUBS

LIBRARY

Whats Popular

WHAT'S NEW

Community

IT SECURITY TRAINING

ANATOMY OF AN ATTACK

RESELLER PARTNERS

Managed Service Providers

SYSTEM INTEGRATORS

OEM and Technology

WHAT'S POPULAR

Java JRE Updates June 2012

Explanation of terms

Vulnerability Name/Brief Description:

CVE/CAN Name:

Vendor Threat Level:

SophosLabs Threat Level:

Solution:

Vendor Description:

SophosLabs Comments:

SophosLabs Testing Result:

Currently Known Exploits:

First Sample Seen:

Discovery Date:

Affected Software: