DSA-2507-1 openjdk-6 -- several issuesID: oval:org.secpod.oval:def:600845 | Date: (C)2012-07-06 (M)2022-12-21 |
Class: PATCH | Family: unix |
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform. CVE-2012-1711 CVE-2012-1719 Multiple errors in the CORBA implementation could lead to breakouts of the Java sandbox CVE-2012-1713 Missing input sanitising in the font manager could lead to the execution of arbitrary code. CVE-2012-1716 The SynthLookAndFeel Swing class could be abused to break out of the Java sandbox. CVE-2012-1717 Several temporary files were created insecurely, resulting in local information disclosure. CVE-2012-1718 Certificate revocation lists were incorrectly implemented. CVE-2012-1723 CVE-2012-1725 Validation errors in the bytecode verifier of the Hotspot VM could lead to breakouts of the Java sandbox. CVE-2012-1724 Missing input sanitising in the XML parser could lead to denial of service through an infinite loop.