Oracle Corporation Information for VU#636312

Oracle Java JRE 1.7 Expression.execute() and SunToolkit.getField() fail to restrict access to privileged code

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://www.oracle.com/technetwork/java/javase/downloads/jre7u7-downloads-1836441.html

http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html

Addendum

This issue is addressed in Java 7 Update 7.

If you have feedback, comments, or additional information about this vulnerability, please send us email.