Search for vulnerabilities
Vulnerability details: VCID-b2hn-sf8h-aaad
Vulnerability ID VCID-b2hn-sf8h-aaad
Aliases CVE-2012-1717
Summary CVE-2012-1717 OpenJDK: insecure temporary file permissions (JRE, 7143606)
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-732 Incorrect Permission Assignment for Critical Resource
System Score Found at
rhas Critical https://access.redhat.com/errata/RHSA-2012:0729
rhas Important https://access.redhat.com/errata/RHSA-2012:0730
rhas Critical https://access.redhat.com/errata/RHSA-2012:0734
rhas Important https://access.redhat.com/errata/RHSA-2012:1009
rhas Critical https://access.redhat.com/errata/RHSA-2012:1019
rhas Critical https://access.redhat.com/errata/RHSA-2012:1238
rhas Critical https://access.redhat.com/errata/RHSA-2012:1243
rhas Critical https://access.redhat.com/errata/RHSA-2012:1245
rhas Critical https://access.redhat.com/errata/RHSA-2012:1289
rhas Moderate https://access.redhat.com/errata/RHSA-2012:1332
rhas Low https://access.redhat.com/errata/RHSA-2013:1455
rhas Low https://access.redhat.com/errata/RHSA-2013:1456
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00044 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00148 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00155 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
epss 0.00173 https://api.first.org/data/v1/epss?cve=CVE-2012-1717
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=829358
generic_textual HIGH http://security.gentoo.org/glsa/glsa-201406-32.xml
cvssv2 2.1 https://nvd.nist.gov/vuln/detail/CVE-2012-1717
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html
http://rhn.redhat.com/errata/RHSA-2012-0734.html
http://rhn.redhat.com/errata/RHSA-2012-1243.html
http://rhn.redhat.com/errata/RHSA-2013-1455.html
http://rhn.redhat.com/errata/RHSA-2013-1456.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1717.json
https://api.first.org/data/v1/epss?cve=CVE-2012-1717
http://secunia.com/advisories/50659
http://secunia.com/advisories/51080
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://www.ibm.com/support/docview.wss?uid=swg21615246
http://www.mandriva.com/security/advisories?name=MDVSA-2012:095
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html
http://www.securityfocus.com/bid/53952
829358 https://bugzilla.redhat.com/show_bug.cgi?id=829358
cpe:2.3:a:redhat:icedtea6:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:icedtea6:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:satellite_with_embedded_oracle:5.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite_with_embedded_oracle:5.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:6.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:6.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*
cpe:2.3:o:suse:linux_enterprise_java:10:sp4:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_java:10:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_java:11:sp2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_java:11:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*
CVE-2012-1717 https://nvd.nist.gov/vuln/detail/CVE-2012-1717
GLSA-201401-30 https://security.gentoo.org/glsa/201401-30
GLSA-201406-32 https://security.gentoo.org/glsa/201406-32
RHSA-2012:0729 https://access.redhat.com/errata/RHSA-2012:0729
RHSA-2012:0730 https://access.redhat.com/errata/RHSA-2012:0730
RHSA-2012:0734 https://access.redhat.com/errata/RHSA-2012:0734
RHSA-2012:1009 https://access.redhat.com/errata/RHSA-2012:1009
RHSA-2012:1019 https://access.redhat.com/errata/RHSA-2012:1019
RHSA-2012:1238 https://access.redhat.com/errata/RHSA-2012:1238
RHSA-2012:1243 https://access.redhat.com/errata/RHSA-2012:1243
RHSA-2012:1245 https://access.redhat.com/errata/RHSA-2012:1245
RHSA-2012:1289 https://access.redhat.com/errata/RHSA-2012:1289
RHSA-2012:1332 https://access.redhat.com/errata/RHSA-2012:1332
RHSA-2013:1455 https://access.redhat.com/errata/RHSA-2013:1455
RHSA-2013:1456 https://access.redhat.com/errata/RHSA-2013:1456
USN-1505-1 https://usn.ubuntu.com/1505-1/
No exploits are available.
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2012-1717
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.10982
EPSS Score 0.00044
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.