CVE-2012-4420

Опубликовано: 07 сент. 2012

Источник: redhat

CVSS2: 4.3

Описание

An information disclosure flaw was found in the way the Java Virtual Machine (JVM) implementation of Java SE 7 as provided by OpenJDK 7 incorrectly initialized integer arrays after memory allocation (in certain circumstances they had nonzero elements right after the allocation). A remote attacker could use this flaw to obtain potentially sensitive information.

Отчет

This flaw was found to be a duplicate of CVE-2012-4416. Please see https://access.redhat.com/security/cve/CVE-2012-4416 for information about affected products and security errata.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	java-1.4.2-ibm	Not affected
Red Hat Enterprise Linux 5	java-1.4.2-ibm-sap	Not affected
Red Hat Enterprise Linux 5	java-1.5.0-ibm	Not affected
Red Hat Enterprise Linux 5	java-1.6.0-ibm	Not affected
Red Hat Enterprise Linux 5	java-1.6.0-openjdk	Not affected
Red Hat Enterprise Linux 5	java-1.6.0-sun	Not affected
Red Hat Enterprise Linux 6	java-1.4.2-ibm-sap	Not affected
Red Hat Enterprise Linux 6	java-1.5.0-ibm	Not affected
Red Hat Enterprise Linux 6	java-1.6.0-ibm	Not affected
Red Hat Enterprise Linux 6	java-1.6.0-openjdk	Not affected