Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to XMLDecoder security issue via ClassFinder.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Jdk | Oracle | * | 1.7.0 (including) |
| Jdk | Oracle | 1.7.0 (including) | 1.7.0 (including) |
| Jdk | Oracle | 1.7.0-update1 (including) | 1.7.0-update1 (including) |
| Jdk | Oracle | 1.7.0-update2 (including) | 1.7.0-update2 (including) |
| Jdk | Oracle | 1.7.0-update3 (including) | 1.7.0-update3 (including) |
| Jdk | Oracle | 1.7.0-update4 (including) | 1.7.0-update4 (including) |
| Jdk | Oracle | 1.7.0-update5 (including) | 1.7.0-update5 (including) |
| Jre | Oracle | * | 1.7.0 (including) |
| Jre | Oracle | 1.7.0 (including) | 1.7.0 (including) |
| Jre | Oracle | 1.7.0-update1 (including) | 1.7.0-update1 (including) |
| Jre | Oracle | 1.7.0-update2 (including) | 1.7.0-update2 (including) |
| Jre | Oracle | 1.7.0-update3 (including) | 1.7.0-update3 (including) |
| Jre | Oracle | 1.7.0-update4 (including) | 1.7.0-update4 (including) |
| Jre | Oracle | 1.7.0-update5 (including) | 1.7.0-update5 (including) |