JavaFX Component Vulnerability in Oracle Java SE
CVE-2012-4301

Currently unrated

Key Information:

Vendor: Oracle
Status: Javafx
Vendor: CVE Published:; 2 February 2013

Summary

The JavaFX component in Oracle Java SE versions up to 2.2.4 is impacted by an unspecified vulnerability allowing remote attackers to potentially compromise system confidentiality, integrity, and availability. The nature of the flaw has been linked to an 'invalid type case' within the init method of the D3DShader class, raising concerns that it could facilitate remote code execution through unidentified vectors. Users are advised to seek remediation measures and apply relevant updates to mitigate potential risks.

References

http://www.us-cert.gov/cas/techalerts/TA13-032A.html

third-party-advisoryx_refsource_CERT

http://www.kb.cert.org/vuls/id/858729

third-party-advisoryx_refsource_CERT-VN

http://marc.info/?l=bugtraq&m=136733161405818&w=2

vendor-advisoryx_refsource_HP

Timeline

Vulnerability published
Feb 2, 2013
Vulnerability Reserved
Aug 14, 2012