You are here

Java 7 - Security Manager Bypass Vulnerability

IDs: 
CVE-2012-3174, CVE-2013-0422, CB-K13/0036
Keywords: 
Java clientside
Description: 

This vulnerability affects only client installations of Java (especially in browsers).

Resolution: 

Oracle published Java 7 update 11 to fix the vulnerabilities (see referenced link). It is strongly recommended to apply the patch to all client installations, to disable or even uninstall Java from clients.

Airlock Vulnerability Status: 
Does not affect Airlock
Back-end Vulnerability Status: 
No action required