You are here
Java 7 - Security Manager Bypass Vulnerability
Submitted on 15. January 2013 - 13:21 by erwin.
Last update on 17. January 2013 - 7:39.
Last update on 17. January 2013 - 7:39.
IDs:
CVE-2012-3174, CVE-2013-0422, CB-K13/0036
Keywords:
Java clientside
Description:
This vulnerability affects only client installations of Java (especially in browsers).
Resolution:
Oracle published Java 7 update 11 to fix the vulnerabilities (see referenced link). It is strongly recommended to apply the patch to all client installations, to disable or even uninstall Java from clients.
Airlock Vulnerability Status:
Does not affect Airlock
Back-end Vulnerability Status:
No action required