Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2012-0507
HistoryFeb 24, 2012 - 12:00 a.m.

CVE-2012-0507

2012-02-2400:00:00
ubuntu.com
ubuntu.com
27

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.967

Percentile

99.7%

JSON

Unspecified vulnerability in the Java Runtime Environment (JRE) component
in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0
Update 33 and earlier allows remote attackers to affect confidentiality,
integrity, and availability via unknown vectors related to Concurrency.
NOTE: the previous information was obtained from the February 2012 Oracle
CPU. Oracle has not commented on claims from a downstream vendor and third
party researchers that this issue occurs because the AtomicReferenceArray
class implementation does not ensure that the array is of the Object[]
type, which allows attackers to cause a denial of service (JVM crash) or
bypass Java sandbox restrictions. NOTE: this issue was originally mapped
to CVE-2011-3571, but that identifier was already assigned to a different
issue.

Notes

Author Note
mdeslaur in natty+, NetX and the plugin moved to the icedtea-web package
sbeattie initially, oracle misidentified this as CVE-2011-3571; changelogs refer to that CVE instead of this one.
OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchopenjdk-6< 6b27-1.12.3-0ubuntu1~08.04.1UNKNOWN
ubuntu10.04noarchopenjdk-6< 6b20-1.9.13-0ubuntu1~10.04.1UNKNOWN
ubuntu10.10noarchopenjdk-6< 6b20-1.9.13-0ubuntu1~10.10.1UNKNOWN
ubuntu11.04noarchopenjdk-6< 6b22-1.10.6-0ubuntu1UNKNOWN
ubuntu11.10noarchopenjdk-6< 6b23~pre11-0ubuntu1.11.10.2UNKNOWN
ubuntu10.04noarchopenjdk-6b18< 6b18-1.8.13-0ubuntu1~10.04.1UNKNOWN
ubuntu10.10noarchopenjdk-6b18< 6b18-1.8.13-0ubuntu1~10.10.1UNKNOWN
ubuntu11.04noarchopenjdk-6b18< 6b18-1.8.13-0ubuntu1~11.04.1UNKNOWN
ubuntu11.10noarchopenjdk-7< 7u9-2.3.3-0ubuntu1~11.10.1UNKNOWN

Related

prion 2
symantec 1
ubuntucve 1
cve 2
cvelist 2
nvd 2
attackerkb 1
packetstorm 1
openvas 56
seebug 3
checkpoint_advisories 4
saint 4
exploitdb 1
veracode 5
thn 4
threatpost 12
canvas 1
metasploit 1
zdt 1
cisa_kev 1
nessus 36
redhat 6
oraclelinux 2
centos 1
ubuntu 2
suse 4
amazon 1
fedora 14
debian 1
osv 2
ibm 2
avleonov 1
qualysblog 2
securelist 1
securityvulns 2
oracle 1
photon 1
gentoo 2
prion
prion
Design/Logic Flaw
2012-06-07 22:55:00
Design/Logic Flaw
2012-01-18 22:55:00
symantec
symantec
Oracle Java SE Remote Java Runtime Environment Code Execution Vulnerability
2012-02-14 00:00:00
ubuntucve
ubuntucve
CVE-2011-3571
2012-01-18 00:00:00
cve
cve
CVE-2011-3571
2012-01-18 22:55:04
CVE-2012-0507
2012-06-07 22:55:17
cvelist
cvelist
CVE-2011-3571
2012-01-18 22:00:00
CVE-2012-0507
2012-06-07 22:00:00
nvd
nvd
CVE-2012-0507
2012-06-07 22:55:17
CVE-2011-3571
2012-01-18 22:55:04
attackerkb
attackerkb
CVE-2012-0507
2012-06-07 00:00:00
packetstorm
packetstorm
Java AtomicReferenceArray Type Violation
2012-03-30 00:00:00
openvas
openvas
Oracle Java SE Java Runtime Environment Code Execution Vulnerability - Windows
2012-08-22 00:00:00
Oracle Java SE Java Runtime Environment Code Execution Vulnerability - (Windows)
2012-08-22 00:00:00
Oracle: Security Advisory (ELSA-2012-0135)
2015-10-06 00:00:00
seebug
seebug
Oracle Java SE i18n子组件远程安全漏洞
2012-02-29 00:00:00
Java AtomicReferenceArray Type Violation Vulnerability
2014-07-01 00:00:00
IBM Rational AppScan 8.x/7.x 多个安全漏洞
2012-06-16 00:00:00
checkpoint_advisories
checkpoint_advisories
Oracle Java AtomicReferenceArray Sandbox Breach Code Execution - Ver2 (CVE-2012-0507)
2014-12-28 00:00:00
Oracle Java AtomicReferenceArray Sandbox Breach Code Execution (CVE-2012-0507)
2012-04-16 00:00:00
Protection against Black Hole Toolkit v1.2.3 Java Array Exploits (CVE-2009-1671; CVE-2012-0507)
2012-04-16 00:00:00
saint
saint
Java SE AtomicReferenceArray Unsafe Security Bypass
2012-03-30 00:00:00
Java SE AtomicReferenceArray Unsafe Security Bypass
2012-03-30 00:00:00
Java SE AtomicReferenceArray Unsafe Security Bypass
2012-03-30 00:00:00
exploitdb
exploitdb
Java - AtomicReferenceArray Type Violation (Metasploit)
2012-03-30 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:41:06
Privilege Escalation
2020-04-10 01:10:19
Memory Corruption
2019-05-02 04:41:05
thn
thn
New Mac Malware 'Dockster' Found on Dalai Lama site
2012-12-05 14:48:00
New Java Exploits boosts BlackHole exploit kit
2012-04-01 19:36:00
New Mac Malware 'Dockster' Found on Dalai Lama site
2012-12-05 03:48:00
threatpost
threatpost
Nepalese Government Sites Hacked, Serving Zegost Malware
2012-08-08 20:16:56
Volume of Malware Targeting Java CVE-2012-1723 Flaw Spikes
2012-08-03 14:30:06
Dorifel Malware Encrypts Files, Steals Financial Data, May Be Related to Zeus or Citadel
2012-08-10 14:24:54
canvas
canvas
Immunity Canvas: JAVA_ATOMICREFERENCEARRAY
2012-06-07 22:55:00
metasploit
metasploit
Java AtomicReferenceArray Type Violation Vulnerability
2012-03-29 15:31:14
zdt
zdt
Java AtomicReferenceArray Type Violation Vulnerability
2012-03-30 00:00:00
cisa_kev
cisa_kev
Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
2022-03-03 00:00:00
nessus
nessus
openSUSE Security Update : virtualbox (openSUSE-SU-2012:1323-1)
2014-06-13 00:00:00
RHEL 5 : java-1.6.0-openjdk (RHSA-2012:0322)
2012-02-22 00:00:00
Oracle Linux 6 : java-1.6.0-openjdk (ELSA-2012-0135)
2013-07-12 00:00:00
redhat
redhat
(RHSA-2012:0135) Critical: java-1.6.0-openjdk security update
2012-02-14 00:00:00
(RHSA-2012:0322) Important: java-1.6.0-openjdk security update
2012-02-21 00:00:00
(RHSA-2012:0139) Critical: java-1.6.0-sun security update
2012-02-16 00:00:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2012-02-28 00:00:00
java-1.6.0-openjdk security update
2012-02-15 00:00:00
centos
centos
java security update
2012-02-15 10:26:37
ubuntu
ubuntu
OpenJDK 6 vulnerabilities
2012-02-24 00:00:00
OpenJDK 6 (ARM) vulnerabilities
2012-03-01 00:00:00
suse
suse
java-1_6_0-openjdk: Update to iced tea 1.11.1 b24 security release (important)
2012-02-27 21:08:27
Security update for Java 1.6.0 (important)
2012-02-27 21:08:20
Security update for IBM Java 1.6.0 (important)
2012-05-09 20:08:14
amazon
amazon
Critical: java-1.6.0-openjdk
2012-02-15 17:12:00
fedora
fedora
[SECURITY] Fedora 17 Update: java-1.7.0-openjdk-1.7.0.3-2.1.fc17
2012-02-28 10:45:39
[SECURITY] Fedora 16 Update: java-1.6.0-openjdk-1.6.0.0-65.1.11.1.fc16
2012-02-17 23:50:54
[SECURITY] Fedora 16 Update: java-1.7.0-openjdk-1.7.0.3-2.1.fc16
2012-02-15 23:55:01
debian
debian
[SECURITY] [DSA 2420-1] openjdk-6 security update
2012-02-28 20:11:47
osv
osv
openjdk-6 - several
2012-02-28 00:00:00
java-1_7_0-openjdk-1.7.0.121-1.1 on GA media
2024-06-15 00:00:00
ibm
ibm
Potential Security Vulnerabilities With JavaTM SDKs
2018-06-17 14:05:25
Security Bulletin: Unspecified Vulnerabilities in Rational Synergy (CVE-2012-0502,CVE-2012-0503,CVE-2012-0506,CVE-2012-0507,CVE-2011-3563,CVE-2012-0500,CVE-2012-0497,CVE-2012-0498,CVE-2012-0499,CVE-2012-0500,CVE-2012-0501,CVE-2012-0505,CVE-2011-5035)
2020-12-22 17:41:28
avleonov
avleonov
September 2023: VM courses, Bahasa Indonesia, Russian Podcasts, Goodbye Tinkoff, MS Patch Tuesday, Qualys TOP 20, Linux, Forrester, GigaOm, R-Vision VM
2023-09-30 19:31:42
qualysblog
qualysblog
Part 2: An In-Depth Look at the Latest Vulnerability Threat Landscape (Attackers’ Edition)
2023-07-18 13:38:53
Qualys Top 20 Most Exploited Vulnerabilities
2023-09-04 14:00:00
securelist
securelist
Investigation Report for the September 2014 Equation malware detection incident in the US
2017-11-16 10:00:34
securityvulns
securityvulns
Oracle Java multiple security vulnerabilities
2012-08-20 00:00:00
Oracle / Sun / People Soft / MySQL applications multiple security vulnerabilities
2012-03-10 00:00:00
oracle
oracle
Oracle Critical Patch Update - January 2012
2012-01-17 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-4.0-0413
2023-06-19 00:00:00
gentoo
gentoo
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00
Oracle JRE/JDK: Multiple vulnerabilities
2014-01-27 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.967

Percentile

99.7%

JSON
Related for UB:CVE-2012-0507
prion2symantec1ubuntucve1cve2cvelist2nvd2attackerkb1packetstorm1openvas56seebug3checkpoint_advisories4saint4exploitdb1veracode5thn4threatpost12canvas1metasploit1zdt1cisa_kev1nessus36redhat6oraclelinux2centos1ubuntu2suse4amazon1fedora14debian1osv2ibm2avleonov1qualysblog2securelist1securityvulns2oracle1photon1gentoo2