Lucene search

[email protected]CVE-2012-4823

HistoryJan 11, 2013 - 12:55 a.m.

CVE-2012-4823

2013-01-1100:55:01

[email protected]

web.nvd.nist.gov

ibm

java

vulnerability

remote

execute

code

cwe-284

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

5.2 Medium

AI Score

Confidence

High

0.768 High

EPSS

Percentile

98.2%

JSON

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to “insecure use of the java.lang.ClassLoder defineClass() method.”

Affected configurations

NVD

Node

ibmjavaRange1.4.2–1.4.2.13.13

ibmjavaRange5.0.0.0–5.0.14.0

ibmjavaRange6.0.0.0–6.0.11.0

ibmjavaRange7.0.0.0–7.0.2.0

ibmlotus_dominoMatch8.0

ibmlotus_dominoMatch8.0.1

ibmlotus_dominoMatch8.0.2

ibmlotus_dominoMatch8.0.2.1

ibmlotus_dominoMatch8.0.2.2

ibmlotus_dominoMatch8.0.2.3

ibmlotus_dominoMatch8.0.2.4

ibmlotus_dominoMatch8.5.0

ibmlotus_dominoMatch8.5.0.1

ibmlotus_dominoMatch8.5.1

ibmlotus_dominoMatch8.5.1.1

ibmlotus_dominoMatch8.5.1.2

ibmlotus_dominoMatch8.5.1.3

ibmlotus_dominoMatch8.5.1.4

ibmlotus_dominoMatch8.5.1.5

ibmlotus_dominoMatch8.5.2.0

ibmlotus_dominoMatch8.5.2.1

ibmlotus_dominoMatch8.5.2.2

ibmlotus_dominoMatch8.5.2.3

ibmlotus_dominoMatch8.5.2.4

ibmlotus_dominoMatch8.5.3.0

ibmlotus_dominoMatch8.5.3.1

ibmlotus_dominoMatch8.5.3.2

ibmlotus_notesMatch8.0

ibmlotus_notesMatch8.0.0

ibmlotus_notesMatch8.0.1

ibmlotus_notesMatch8.0.2

ibmlotus_notesMatch8.0.2.0

ibmlotus_notesMatch8.0.2.1

ibmlotus_notesMatch8.0.2.2

ibmlotus_notesMatch8.0.2.3

ibmlotus_notesMatch8.0.2.4

ibmlotus_notesMatch8.0.2.5

ibmlotus_notesMatch8.0.2.6

ibmlotus_notesMatch8.5

ibmlotus_notesMatch8.5.0.0

ibmlotus_notesMatch8.5.0.1

ibmlotus_notesMatch8.5.1

ibmlotus_notesMatch8.5.1.0

ibmlotus_notesMatch8.5.1.1

ibmlotus_notesMatch8.5.1.2

ibmlotus_notesMatch8.5.1.3

ibmlotus_notesMatch8.5.1.4

ibmlotus_notesMatch8.5.1.5

ibmlotus_notesMatch8.5.2.0

ibmlotus_notesMatch8.5.2.1

ibmlotus_notesMatch8.5.2.2

ibmlotus_notesMatch8.5.2.3

ibmlotus_notesMatch8.5.3

ibmlotus_notesMatch8.5.3.1

ibmlotus_notesMatch8.5.3.2

ibmlotus_notesMatch8.5.4

ibmlotus_notes_sametimeMatch8.0.80407

ibmlotus_notes_sametimeMatch8.0.80822

ibmlotus_notes_sametimeMatch8.5.1.20100709-1631advanced_embedded

ibmlotus_notes_travelerMatch8.0

ibmlotus_notes_travelerMatch8.0.1

ibmlotus_notes_travelerMatch8.0.1.2

ibmlotus_notes_travelerMatch8.0.1.3

ibmlotus_notes_travelerMatch8.5.0.0

ibmlotus_notes_travelerMatch8.5.0.1

ibmlotus_notes_travelerMatch8.5.0.2

ibmlotus_notes_travelerMatch8.5.1.1

ibmlotus_notes_travelerMatch8.5.1.2

ibmlotus_notes_travelerMatch8.5.1.3

ibmlotus_notes_travelerMatch8.5.2.1

ibmlotus_notes_travelerMatch8.5.3

ibmlotus_notes_travelerMatch8.5.3.1

ibmlotus_notes_travelerMatch8.5.3.2

ibmlotus_notes_travelerMatch8.5.3.3

ibmlotus_notes_travelerMatch8.5.3.3interim_fix_1

ibmrational_changeMatch4.7

ibmrational_changeMatch5.1

ibmrational_changeMatch5.2

ibmrational_changeMatch5.3

ibmrational_host_on-demandMatch1.6.0.12

ibmrational_host_on-demandMatch8.0.8.0

ibmrational_host_on-demandMatch9.0.8.0

ibmrational_host_on-demandMatch10.0.9.0

ibmrational_host_on-demandMatch10.0.10.0

ibmrational_host_on-demandMatch11.0.3.0

ibmrational_host_on-demandMatch11.0.4.0

ibmrational_host_on-demandMatch11.0.5.0

ibmrational_host_on-demandMatch11.0.5.1

ibmrational_host_on-demandMatch11.0.6.0

ibmrational_host_on-demandMatch11.0.6.1

ibmservice_delivery_managerMatch7.2.1.0

ibmservice_delivery_managerMatch7.2.2.0

ibmsmart_analytics_system_5600_softwareMatch-

ibmsmart_analytics_system_5600_softwareMatch9.7

ibmtivoli_monitoringMatch6.1.0

ibmtivoli_monitoringMatch6.1.0.7

ibmtivoli_monitoringMatch6.2.0

ibmtivoli_monitoringMatch6.2.0.1

ibmtivoli_monitoringMatch6.2.0.2

ibmtivoli_monitoringMatch6.2.0.3

ibmtivoli_monitoringMatch6.2.1

ibmtivoli_monitoringMatch6.2.1.0

ibmtivoli_monitoringMatch6.2.1.1

ibmtivoli_monitoringMatch6.2.1.2

ibmtivoli_monitoringMatch6.2.1.3

ibmtivoli_monitoringMatch6.2.1.4

ibmtivoli_monitoringMatch6.2.2

ibmtivoli_monitoringMatch6.2.2.0

ibmtivoli_monitoringMatch6.2.2.1

ibmtivoli_monitoringMatch6.2.2.2

ibmtivoli_monitoringMatch6.2.2.3

ibmtivoli_monitoringMatch6.2.2.4

ibmtivoli_monitoringMatch6.2.2.5

ibmtivoli_monitoringMatch6.2.2.6

ibmtivoli_monitoringMatch6.2.2.7

ibmtivoli_monitoringMatch6.2.2.8

ibmtivoli_monitoringMatch6.2.2.9

ibmtivoli_monitoringMatch6.2.3

ibmtivoli_monitoringMatch6.2.3.0

ibmtivoli_monitoringMatch6.2.3.1

ibmtivoli_monitoringMatch6.2.3.2

ibmtivoli_remote_controlMatch5.1.2

ibmwebsphere_real_timeMatch2.0

ibmwebsphere_real_timeMatch3.0

tivoli_storage_productivity_center5.0

tivoli_storage_productivity_center5.1

tivoli_storage_productivity_center5.1.1

ibmsmart_analytics_system_5600Match7200

CPENameOperatorVersion
ibm:javaibm javale1.4.2.13.13
ibm:javaibm javale5.0.14.0
ibm:javaibm javale6.0.11.0
ibm:javaibm javale7.0.2.0
ibm:lotus_dominoibm lotus dominoeq8.0
ibm:lotus_dominoibm lotus dominoeq8.0.1
ibm:lotus_dominoibm lotus dominoeq8.0.2
ibm:lotus_dominoibm lotus dominoeq8.0.2.1
ibm:lotus_dominoibm lotus dominoeq8.0.2.2
ibm:lotus_dominoibm lotus dominoeq8.0.2.3

CPE	Name	Operator	Version
ibm:java	ibm java	le	1.4.2.13.13
ibm:java	ibm java	le	5.0.14.0
ibm:java	ibm java	le	6.0.11.0
ibm:java	ibm java	le	7.0.2.0
ibm:lotus_domino	ibm lotus domino	eq	8.0
ibm:lotus_domino	ibm lotus domino	eq	8.0.1
ibm:lotus_domino	ibm lotus domino	eq	8.0.2
ibm:lotus_domino	ibm lotus domino	eq	8.0.2.1
ibm:lotus_domino	ibm lotus domino	eq	8.0.2.2
ibm:lotus_domino	ibm lotus domino	eq	8.0.2.3