Incorrect Permission Assignment for Critical Resource in java-1.6.0-ibm | CVE-2012-1717

Q: How to fix?

Upgrade RHEL:10 java-1.6.0-ibm to version 1:1.6.0.11.0-1jpp.1.el5_8 or higher. This issue was patched in RHSA-2012:1238 .

Threat Intelligence

0.15% (37^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk IDSNYK-RHEL10-JAVA160IBM-9867776
published28 Apr 2025
disclosed12 Jun 2012

Report a new vulnerability Found a mistake?

Introduced: 12 Jun 2012

CVE-2012-1717 (opens in a new tab) CWE-732 (opens in a new tab)

How to fix?

Upgrade RHEL:10 java-1.6.0-ibm to version 1:1.6.0.11.0-1jpp.1.el5_8 or higher.
This issue was patched in RHSA-2012:1238.

NVD Description

Note: Versions mentioned in the description apply only to the upstream java-1.6.0-ibm package and not the java-1.6.0-ibm package as distributed by RHEL. See How to fix? for RHEL:10 relevant fixed versions and status.

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux.

References

CVSS Base Scores

version 3.1

Attack Vector (AV)
Local
Attack Complexity (AC)
Low
Privileges Required (PR)
None
User Interaction (UI)
None

Scope (S)
Unchanged

Confidentiality (C)
Low
Integrity (I)
None
Availability (A)
None

Incorrect Permission Assignment for Critical Resource Affecting java-1.6.0-ibm package, versions <1:1.6.0.11.0-1jpp.1.el5_8

Severity