Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-0507
HistoryJun 07, 2012 - 10:55 p.m.

CVE-2012-0507

2012-06-0722:55:17
[email protected]
web.nvd.nist.gov
1036
In Wild
3
cve-2012-0507
oracle
java
vulnerability
remote attackers
confidentiality
integrity
availability
concurrency
denial of service
jvm crash
java sandbox restrictions

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9 High

AI Score

Confidence

High

0.968 High

EPSS

Percentile

99.7%

JSON

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.

Affected configurations

NVD
Node
sunjreMatch1.5.0-
OR
sunjreMatch1.5.0update1
OR
sunjreMatch1.5.0update10
OR
sunjreMatch1.5.0update11
OR
sunjreMatch1.5.0update12
OR
sunjreMatch1.5.0update13
OR
sunjreMatch1.5.0update14
OR
sunjreMatch1.5.0update15
OR
sunjreMatch1.5.0update16
OR
sunjreMatch1.5.0update17
OR
sunjreMatch1.5.0update18
OR
sunjreMatch1.5.0update19
OR
sunjreMatch1.5.0update2
OR
sunjreMatch1.5.0update20
OR
sunjreMatch1.5.0update21
OR
sunjreMatch1.5.0update22
OR
sunjreMatch1.5.0update23
OR
sunjreMatch1.5.0update24
OR
sunjreMatch1.5.0update25
OR
sunjreMatch1.5.0update26
OR
sunjreMatch1.5.0update27
OR
sunjreMatch1.5.0update28
OR
sunjreMatch1.5.0update29
OR
sunjreMatch1.5.0update3
OR
sunjreMatch1.5.0update31
OR
sunjreMatch1.5.0update33
OR
sunjreMatch1.5.0update4
OR
sunjreMatch1.5.0update5
OR
sunjreMatch1.5.0update6
OR
sunjreMatch1.5.0update7
OR
sunjreMatch1.5.0update8
OR
sunjreMatch1.5.0update9
Node
oraclejreMatch1.6.0update22
OR
oraclejreMatch1.6.0update23
OR
oraclejreMatch1.6.0update24
OR
oraclejreMatch1.6.0update25
OR
oraclejreMatch1.6.0update26
OR
oraclejreMatch1.6.0update27
OR
oraclejreMatch1.6.0update29
OR
oraclejreMatch1.6.0update30
OR
sunjreMatch1.6.0-
OR
sunjreMatch1.6.0update_1
OR
sunjreMatch1.6.0update_10
OR
sunjreMatch1.6.0update_11
OR
sunjreMatch1.6.0update_12
OR
sunjreMatch1.6.0update_13
OR
sunjreMatch1.6.0update_14
OR
sunjreMatch1.6.0update_15
OR
sunjreMatch1.6.0update_16
OR
sunjreMatch1.6.0update_17
OR
sunjreMatch1.6.0update_18
OR
sunjreMatch1.6.0update_19
OR
sunjreMatch1.6.0update_2
OR
sunjreMatch1.6.0update_20
OR
sunjreMatch1.6.0update_21
OR
sunjreMatch1.6.0update_3
OR
sunjreMatch1.6.0update_4
OR
sunjreMatch1.6.0update_5
OR
sunjreMatch1.6.0update_6
OR
sunjreMatch1.6.0update_7
Node
oraclejreMatch1.7.0-
OR
oraclejreMatch1.7.0update1
OR
oraclejreMatch1.7.0update2
Node
debiandebian_linuxMatch6.0
OR
debiandebian_linuxMatch7.0
Node
suselinux_enterprise_desktopMatch10sp4-
OR
suselinux_enterprise_javaMatch10sp4
OR
suselinux_enterprise_javaMatch11sp1
OR
suselinux_enterprise_serverMatch10sp4-
OR
suselinux_enterprise_serverMatch11sp1-
OR
suselinux_enterprise_serverMatch11sp1vmware
OR
suselinux_enterprise_serverMatch11sp2-
OR
suselinux_enterprise_software_development_kitMatch11sp1
OR
suselinux_enterprise_software_development_kitMatch11sp2
CPENameOperatorVersion
sun:jresun jreeq1.5.0

References

Social References

More

Related

ubuntucve 2
cvelist 2
attackerkb 1
prion 2
cve 1
symantec 1
nvd 2
seebug 3
checkpoint_advisories 4
veracode 5
openvas 56
saint 4
packetstorm 1
cisa_kev 1
thn 4
threatpost 12
canvas 1
metasploit 1
exploitdb 1
nessus 35
redhat 6
oraclelinux 2
centos 1
ubuntu 2
debian 1
osv 1
suse 4
ibm 2
avleonov 1
securelist 1
qualysblog 2
amazon 1
fedora 14
securityvulns 2
photon 1
oracle 1
gentoo 2
ubuntucve
ubuntucve
CVE-2012-0507
2012-02-24 00:00:00
CVE-2011-3571
2012-01-18 00:00:00
cvelist
cvelist
CVE-2012-0507
2012-06-07 22:00:00
CVE-2011-3571
2012-01-18 22:00:00
attackerkb
attackerkb
CVE-2012-0507
2012-06-07 00:00:00
prion
prion
Design/Logic Flaw
2012-01-18 22:55:00
Design/Logic Flaw
2012-06-07 22:55:00
cve
cve
CVE-2011-3571
2012-01-18 22:55:04
symantec
symantec
Oracle Java SE Remote Java Runtime Environment Code Execution Vulnerability
2012-02-14 00:00:00
nvd
nvd
CVE-2011-3571
2012-01-18 22:55:04
CVE-2012-0507
2012-06-07 22:55:17
seebug
seebug
Java AtomicReferenceArray Type Violation Vulnerability
2014-07-01 00:00:00
Oracle Java SE i18n子组件远程安全漏洞
2012-02-29 00:00:00
IBM Rational AppScan 8.x/7.x 多个安全漏洞
2012-06-16 00:00:00
checkpoint_advisories
checkpoint_advisories
Oracle Java AtomicReferenceArray Sandbox Breach Code Execution - Ver2 (CVE-2012-0507)
2014-12-28 00:00:00
Oracle Java AtomicReferenceArray Sandbox Breach Code Execution (CVE-2012-0507)
2012-04-16 00:00:00
Protection against Black Hole Toolkit v1.2.3 Java Array Exploits (CVE-2009-1671; CVE-2012-0507)
2012-04-16 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:41:06
Privilege Escalation
2020-04-10 01:10:19
Memory Corruption
2019-05-02 04:41:04
openvas
openvas
Oracle Java SE Java Runtime Environment Code Execution Vulnerability - (Windows)
2012-08-22 00:00:00
Oracle Java SE Java Runtime Environment Code Execution Vulnerability - Windows
2012-08-22 00:00:00
Oracle: Security Advisory (ELSA-2012-0135)
2015-10-06 00:00:00
saint
saint
Java SE AtomicReferenceArray Unsafe Security Bypass
2012-03-30 00:00:00
Java SE AtomicReferenceArray Unsafe Security Bypass
2012-03-30 00:00:00
Java SE AtomicReferenceArray Unsafe Security Bypass
2012-03-30 00:00:00
packetstorm
packetstorm
Java AtomicReferenceArray Type Violation
2012-03-30 00:00:00
cisa_kev
cisa_kev
Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
2022-03-03 00:00:00
thn
thn
New Mac Malware 'Dockster' Found on Dalai Lama site
2012-12-05 03:48:00
New Mac Malware 'Dockster' Found on Dalai Lama site
2012-12-05 14:48:00
New Java Exploits boosts BlackHole exploit kit
2012-04-01 19:36:00
threatpost
threatpost
Nepalese Government Sites Hacked, Serving Zegost Malware
2012-08-08 20:16:56
Dorifel Malware Encrypts Files, Steals Financial Data, May Be Related to Zeus or Citadel
2012-08-10 14:24:54
Dockster Mac Malware Targets Dalai Lama Website Through Flashback Vulnerability
2012-12-03 21:00:02
canvas
canvas
Immunity Canvas: JAVA_ATOMICREFERENCEARRAY
2012-06-07 22:55:00
metasploit
metasploit
Java AtomicReferenceArray Type Violation Vulnerability
2012-03-29 15:31:14
exploitdb
exploitdb
Java - AtomicReferenceArray Type Violation (Metasploit)
2012-03-30 00:00:00
nessus
nessus
Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2012-0322)
2013-07-12 00:00:00
RHEL 5 : java-1.6.0-openjdk (RHSA-2012:0322)
2012-02-22 00:00:00
Oracle Linux 6 : java-1.6.0-openjdk (ELSA-2012-0135)
2013-07-12 00:00:00
redhat
redhat
(RHSA-2012:0135) Critical: java-1.6.0-openjdk security update
2012-02-14 00:00:00
(RHSA-2012:0322) Important: java-1.6.0-openjdk security update
2012-02-21 00:00:00
(RHSA-2012:0139) Critical: java-1.6.0-sun security update
2012-02-16 00:00:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2012-02-28 00:00:00
java-1.6.0-openjdk security update
2012-02-15 00:00:00
centos
centos
java security update
2012-02-15 10:26:37
ubuntu
ubuntu
OpenJDK 6 vulnerabilities
2012-02-24 00:00:00
OpenJDK 6 (ARM) vulnerabilities
2012-03-01 00:00:00
debian
debian
[SECURITY] [DSA 2420-1] openjdk-6 security update
2012-02-28 20:11:47
osv
osv
openjdk-6 - several
2012-02-28 00:00:00
suse
suse
Security update for IBM Java 1.6.0 (important)
2012-05-09 21:08:17
Security update for IBM Java 1.6.0 (important)
2012-05-09 20:08:14
Security update for Java 1.6.0 (important)
2012-02-27 21:08:20
ibm
ibm
Potential Security Vulnerabilities With JavaTM SDKs
2018-06-17 14:05:25
Security Bulletin: Unspecified Vulnerabilities in Rational Synergy (CVE-2012-0502,CVE-2012-0503,CVE-2012-0506,CVE-2012-0507,CVE-2011-3563,CVE-2012-0500,CVE-2012-0497,CVE-2012-0498,CVE-2012-0499,CVE-2012-0500,CVE-2012-0501,CVE-2012-0505,CVE-2011-5035)
2020-12-22 17:41:28
avleonov
avleonov
September 2023: VM courses, Bahasa Indonesia, Russian Podcasts, Goodbye Tinkoff, MS Patch Tuesday, Qualys TOP 20, Linux, Forrester, GigaOm, R-Vision VM
2023-09-30 19:31:42
securelist
securelist
Investigation Report for the September 2014 Equation malware detection incident in the US
2017-11-16 10:00:34
qualysblog
qualysblog
Part 2: An In-Depth Look at the Latest Vulnerability Threat Landscape (Attackers’ Edition)
2023-07-18 13:38:53
Qualys Top 20 Most Exploited Vulnerabilities
2023-09-04 14:00:00
amazon
amazon
Critical: java-1.6.0-openjdk
2012-02-15 17:12:00
fedora
fedora
[SECURITY] Fedora 17 Update: java-1.7.0-openjdk-1.7.0.3-2.1.fc17
2012-02-28 10:45:39
[SECURITY] Fedora 16 Update: java-1.7.0-openjdk-1.7.0.6-2.3.1.fc16.2
2012-09-03 22:54:30
[SECURITY] Fedora 16 Update: java-1.7.0-openjdk-1.7.0.3-2.1.fc16
2012-02-15 23:55:01
securityvulns
securityvulns
Oracle Java multiple security vulnerabilities
2012-08-20 00:00:00
Oracle / Sun / People Soft / MySQL applications multiple security vulnerabilities
2012-03-10 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-4.0-0413
2023-06-19 00:00:00
oracle
oracle
Oracle Critical Patch Update - January 2012
2012-01-17 00:00:00
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2014-01-27 00:00:00
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9 High

AI Score

Confidence

High

0.968 High

EPSS

Percentile

99.7%

JSON
Related for CVE-2012-0507
ubuntucve2cvelist2attackerkb1prion2cve1symantec1nvd2seebug3checkpoint_advisories4veracode5openvas56saint4packetstorm1cisa_kev1thn4threatpost12canvas1metasploit1exploitdb1nessus35redhat6oraclelinux2centos1ubuntu2debian1osv1suse4ibm2avleonov1securelist1qualysblog2amazon1fedora14securityvulns2photon1oracle1gentoo2