Lucene search

K
cveOracleCVE-2012-0507
HistoryJun 07, 2012 - 10:55 p.m.

CVE-2012-0507

2012-06-0722:55:17
oracle
web.nvd.nist.gov
1047
In Wild
3
cve-2012-0507
oracle
java
vulnerability
remote attackers
confidentiality
integrity
availability
concurrency
denial of service
jvm crash
java sandbox restrictions

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

9

Confidence

High

EPSS

0.967

Percentile

99.7%

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.

Affected configurations

Nvd
Node
sunjreMatch1.5.0-
OR
sunjreMatch1.5.0update1
OR
sunjreMatch1.5.0update10
OR
sunjreMatch1.5.0update11
OR
sunjreMatch1.5.0update12
OR
sunjreMatch1.5.0update13
OR
sunjreMatch1.5.0update14
OR
sunjreMatch1.5.0update15
OR
sunjreMatch1.5.0update16
OR
sunjreMatch1.5.0update17
OR
sunjreMatch1.5.0update18
OR
sunjreMatch1.5.0update19
OR
sunjreMatch1.5.0update2
OR
sunjreMatch1.5.0update20
OR
sunjreMatch1.5.0update21
OR
sunjreMatch1.5.0update22
OR
sunjreMatch1.5.0update23
OR
sunjreMatch1.5.0update24
OR
sunjreMatch1.5.0update25
OR
sunjreMatch1.5.0update26
OR
sunjreMatch1.5.0update27
OR
sunjreMatch1.5.0update28
OR
sunjreMatch1.5.0update29
OR
sunjreMatch1.5.0update3
OR
sunjreMatch1.5.0update31
OR
sunjreMatch1.5.0update33
OR
sunjreMatch1.5.0update4
OR
sunjreMatch1.5.0update5
OR
sunjreMatch1.5.0update6
OR
sunjreMatch1.5.0update7
OR
sunjreMatch1.5.0update8
OR
sunjreMatch1.5.0update9
Node
oraclejreMatch1.6.0update22
OR
oraclejreMatch1.6.0update23
OR
oraclejreMatch1.6.0update24
OR
oraclejreMatch1.6.0update25
OR
oraclejreMatch1.6.0update26
OR
oraclejreMatch1.6.0update27
OR
oraclejreMatch1.6.0update29
OR
oraclejreMatch1.6.0update30
OR
sunjreMatch1.6.0-
OR
sunjreMatch1.6.0update_1
OR
sunjreMatch1.6.0update_10
OR
sunjreMatch1.6.0update_11
OR
sunjreMatch1.6.0update_12
OR
sunjreMatch1.6.0update_13
OR
sunjreMatch1.6.0update_14
OR
sunjreMatch1.6.0update_15
OR
sunjreMatch1.6.0update_16
OR
sunjreMatch1.6.0update_17
OR
sunjreMatch1.6.0update_18
OR
sunjreMatch1.6.0update_19
OR
sunjreMatch1.6.0update_2
OR
sunjreMatch1.6.0update_20
OR
sunjreMatch1.6.0update_21
OR
sunjreMatch1.6.0update_3
OR
sunjreMatch1.6.0update_4
OR
sunjreMatch1.6.0update_5
OR
sunjreMatch1.6.0update_6
OR
sunjreMatch1.6.0update_7
Node
oraclejreMatch1.7.0-
OR
oraclejreMatch1.7.0update1
OR
oraclejreMatch1.7.0update2
Node
debiandebian_linuxMatch6.0
OR
debiandebian_linuxMatch7.0
Node
suselinux_enterprise_desktopMatch10sp4-
OR
suselinux_enterprise_javaMatch10sp4
OR
suselinux_enterprise_javaMatch11sp1
OR
suselinux_enterprise_serverMatch10sp4-
OR
suselinux_enterprise_serverMatch11sp1-
OR
suselinux_enterprise_serverMatch11sp1vmware
OR
suselinux_enterprise_serverMatch11sp2-
OR
suselinux_enterprise_software_development_kitMatch11sp1
OR
suselinux_enterprise_software_development_kitMatch11sp2
VendorProductVersionCPE
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:-:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*
sunjre1.5.0cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*
Rows per page:
1-10 of 741

References

Social References

More

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

9

Confidence

High

EPSS

0.967

Percentile

99.7%