<em style='font-weight:bold;'>(Description Provided by <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2011-0862" target="_blank">CVE</a>)</em> : Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Currently, there are no known workarounds or upgrades to correct this issue. However, Oracle has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section.

• OVAL ID: 13317 14541
• CVE ID: 2011-0862 (see also: NVD)
• Secunia Advisory ID: 44784 44818 44880 44930 44934 44942 45074 45084 45206 45229 45245 45296 45302 45402 45497 45630 45736 45794 45803 46159 46529 46651 46728 47091 47233 49035 49198 49953 49966
• Bugtraq ID: 48137
• Related OSVDB ID: 73070 73071 73072 73073 73074 73075 73076 73077 73078 73079 73080 73081 73082 73083 73084 73085
• Other Advisory URL: http://dvlabs.tippingpoint.com/advisory/TPTI-11-06
  http://support.apple.com/kb/HT4738
  http://www.debian.org/security/2011/dsa-2311
  http://www.ibm.com/developerworks/java/jdk/alerts/
  http://www.mandriva.com/security/advisories?name=MDVSA-2011:126
  http://www.zerodayinitiative.com/advisories/ZDI-11-183/
  http://www.zerodayinitiative.com/advisories/ZDI-11-184/
  http://www.zerodayinitiative.com/advisories/ZDI-11-185/
  http://www.zerodayinitiative.com/advisories/ZDI-11-186/
  http://www.zerodayinitiative.com/advisories/ZDI-11-187/
  http://www.zerodayinitiative.com/advisories/ZDI-11-188/
  http://www.zerodayinitiative.com/advisories/ZDI-11-189/
  http://www.zerodayinitiative.com/advisories/ZDI-11-190/
  http://www.zerodayinitiative.com/advisories/ZDI-11-191/
• Vendor Specific News/Changelog Entry: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02945548
  http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03298151
  http://lists.debian.org/debian-security-announce/2011/msg00188.html
  http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061352.html
  http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00022.html
  http://lists.vmware.com/pipermail/security-announce/2011/000149.html
  http://support.avaya.com/css/P8/documents/100144512
  http://support.avaya.com/css/P8/documents/100147041
  http://www.debian.org/security/2011/dsa-2358
  http://www.gentoo.org/security/en/glsa/glsa-201111-02.xml
  http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-015/index.html
  http://www.ibm.com/developerworks/java/jdk/alerts/
  http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html
  http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html
  https://hermes.opensuse.org/messages/11622943
  https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-June/001355.html
• Vendor Specific Advisory URL: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03358587
  http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03405642
  http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS11-015/index.html
  http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2012-08-689&viewMode=view
  http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html
  http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html
  http://www.xerox.com/download/security/security-bulletin/127e996-10b83-4ab94539ab540/cert_XRX11-003_V1.0.pdf
  https://hermes.opensuse.org/messages/10468668
  https://hermes.opensuse.org/messages/8754315
  https://hermes.opensuse.org/messages/9046608
  https://hermes.opensuse.org/messages/9605351
• Mail List Post: http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00003.html
  http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00003.html
  http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00009.html
  http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00001.html
  http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00002.html
  http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00022.html
  http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00025.html
  http://seclists.org/bugtraq/2012/Jan/187
  http://seclists.org/bugtraq/2012/May/97
  http://seclists.org/fulldisclosure/2011/Sep/304
• News Article: http://nakedsecurity.sophos.com/2011/06/08/oracle-java-6-update-26-available-now
  http://www.theregister.co.uk/2011/06/08/java_security_update/
• RedHat RHSA: https://rhn.redhat.com/errata/RHSA-2011-0856.html
  https://rhn.redhat.com/errata/RHSA-2011-0857.html
  https://rhn.redhat.com/errata/RHSA-2011-0860.html
  https://rhn.redhat.com/errata/RHSA-2011-0938.html
  https://rhn.redhat.com/errata/RHSA-2011-1087.html
  https://rhn.redhat.com/errata/RHSA-2011-1159.html
  RHSA-2011:1265
• CERT: TA11-201A

Unknown or Incomplete