Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-0507
HistoryJun 07, 2012 - 10:55 p.m.

CVE-2012-0507

2012-06-0722:55:17
NVD-CWE-noinfo
[email protected]
web.nvd.nist.gov
1026
In Wild
3
cve-2012-0507
oracle
java
vulnerability
remote attackers
confidentiality
integrity
availability
concurrency
denial of service
jvm crash
java sandbox restrictions

9 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.968 High

EPSS

Percentile

99.7%

JSON

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.

CPENameOperatorVersion
sun:jresun jreeq1.5.0

References

Social References

More

Related

prion 2
attackerkb 1
ubuntucve 2
symantec 1
cve 1
checkpoint_advisories 4
seebug 3
openvas 56
veracode 5
saint 4
thn 4
cisa_kev 1
packetstorm 1
threatpost 12
canvas 1
metasploit 1
exploitdb 1
nessus 35
oraclelinux 2
centos 1
redhat 6
ubuntu 2
osv 1
debian 1
suse 4
ibm 2
qualysblog 2
avleonov 1
securelist 1
amazon 1
fedora 14
securityvulns 2
photon 1
oracle 1
gentoo 2
prion
prion
Design/Logic Flaw
2012-01-18 22:55:00
Design/Logic Flaw
2012-06-07 22:55:00
attackerkb
attackerkb
CVE-2012-0507
2012-06-07 00:00:00
ubuntucve
ubuntucve
CVE-2012-0507
2012-02-24 00:00:00
CVE-2011-3571
2012-01-18 00:00:00
symantec
symantec
Oracle Java SE Remote Java Runtime Environment Code Execution Vulnerability
2012-02-14 00:00:00
cve
cve
CVE-2011-3571
2012-01-18 22:55:00
checkpoint_advisories
checkpoint_advisories
Oracle Java AtomicReferenceArray Sandbox Breach Code Execution - Ver2 (CVE-2012-0507)
2014-12-28 00:00:00
Oracle Java AtomicReferenceArray Sandbox Breach Code Execution (CVE-2012-0507)
2012-04-16 00:00:00
Protection against Black Hole Toolkit v1.2.3 Java Array Exploits (CVE-2009-1671; CVE-2012-0507)
2012-04-16 00:00:00
seebug
seebug
Java AtomicReferenceArray Type Violation Vulnerability
2014-07-01 00:00:00
Oracle Java SE i18n子组件远程安全漏洞
2012-02-29 00:00:00
IBM Rational AppScan 8.x/7.x 多个安全漏洞
2012-06-16 00:00:00
openvas
openvas
Oracle Java SE Java Runtime Environment Code Execution Vulnerability - (Windows)
2012-08-22 00:00:00
Oracle Java SE Java Runtime Environment Code Execution Vulnerability - Windows
2012-08-22 00:00:00
Oracle: Security Advisory (ELSA-2012-0322)
2015-10-06 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:41:06
Privilege Escalation
2020-04-10 01:10:19
Memory Corruption
2019-05-02 04:41:04
saint
saint
Java SE AtomicReferenceArray Unsafe Security Bypass
2012-03-30 00:00:00
Java SE AtomicReferenceArray Unsafe Security Bypass
2012-03-30 00:00:00
Java SE AtomicReferenceArray Unsafe Security Bypass
2012-03-30 00:00:00
thn
thn
New Mac Malware 'Dockster' Found on Dalai Lama site
2012-12-05 03:48:00
New Mac Malware 'Dockster' Found on Dalai Lama site
2012-12-05 14:48:00
New Java Exploits boosts BlackHole exploit kit
2012-04-01 19:36:00
cisa_kev
cisa_kev
Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
2022-03-03 00:00:00
packetstorm
packetstorm
Java AtomicReferenceArray Type Violation
2012-03-30 00:00:00
threatpost
threatpost
Nepalese Government Sites Hacked, Serving Zegost Malware
2012-08-08 20:16:56
New Java Malware Exploits Both Windows And Mac Users
2012-04-24 17:37:49
Mozilla Adds Older Java Versions to Firefox Blocklist
2012-04-03 13:25:06
canvas
canvas
Immunity Canvas: JAVA_ATOMICREFERENCEARRAY
2012-06-07 22:55:00
metasploit
metasploit
Java AtomicReferenceArray Type Violation Vulnerability
2012-03-29 15:31:14
exploitdb
exploitdb
Java - AtomicReferenceArray Type Violation (Metasploit)
2012-03-30 00:00:00
nessus
nessus
Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2012-0322)
2013-07-12 00:00:00
CentOS 6 : java-1.6.0-openjdk (CESA-2012:0135)
2012-02-16 00:00:00
RHEL 6 : java-1.6.0-openjdk (RHSA-2012:0135)
2012-02-15 00:00:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2012-02-15 00:00:00
java-1.6.0-openjdk security update
2012-02-28 00:00:00
centos
centos
java security update
2012-02-15 10:26:37
redhat
redhat
(RHSA-2012:0135) Critical: java-1.6.0-openjdk security update
2012-02-14 00:00:00
(RHSA-2012:0322) Important: java-1.6.0-openjdk security update
2012-02-21 00:00:00
(RHSA-2012:0139) Critical: java-1.6.0-sun security update
2012-02-16 00:00:00
ubuntu
ubuntu
OpenJDK 6 (ARM) vulnerabilities
2012-03-01 00:00:00
OpenJDK 6 vulnerabilities
2012-02-24 00:00:00
osv
osv
openjdk-6 - several
2012-02-28 00:00:00
debian
debian
[SECURITY] [DSA 2420-1] openjdk-6 security update
2012-02-28 20:11:47
suse
suse
Security update for IBM Java 1.6.0 (important)
2012-05-09 21:08:17
Security update for IBM Java 1.6.0 (important)
2012-05-09 20:08:14
Security update for Java 1.6.0 (important)
2012-02-27 21:08:20
ibm
ibm
Potential Security Vulnerabilities With JavaTM SDKs
2018-06-17 14:05:25
Security Bulletin: Unspecified Vulnerabilities in Rational Synergy (CVE-2012-0502,CVE-2012-0503,CVE-2012-0506,CVE-2012-0507,CVE-2011-3563,CVE-2012-0500,CVE-2012-0497,CVE-2012-0498,CVE-2012-0499,CVE-2012-0500,CVE-2012-0501,CVE-2012-0505,CVE-2011-5035)
2020-12-22 17:41:28
qualysblog
qualysblog
Part 2: An In-Depth Look at the Latest Vulnerability Threat Landscape (Attackers’ Edition)
2023-07-18 13:38:53
Qualys Top 20 Most Exploited Vulnerabilities
2023-09-04 14:00:00
avleonov
avleonov
September 2023: VM courses, Bahasa Indonesia, Russian Podcasts, Goodbye Tinkoff, MS Patch Tuesday, Qualys TOP 20, Linux, Forrester, GigaOm, R-Vision VM
2023-09-30 19:31:42
securelist
securelist
Investigation Report for the September 2014 Equation malware detection incident in the US
2017-11-16 10:00:34
amazon
amazon
Critical: java-1.6.0-openjdk
2012-02-15 17:12:00
fedora
fedora
[SECURITY] Fedora 17 Update: java-1.7.0-openjdk-1.7.0.3-2.1.fc17
2012-02-28 10:45:39
[SECURITY] Fedora 16 Update: java-1.6.0-openjdk-1.6.0.0-68.1.11.4.fc16
2012-09-19 03:03:35
[SECURITY] Fedora 16 Update: java-1.6.0-openjdk-1.6.0.0-68.1.11.5.fc16
2012-10-18 00:30:15
securityvulns
securityvulns
Oracle Java multiple security vulnerabilities
2012-08-20 00:00:00
Oracle / Sun / People Soft / MySQL applications multiple security vulnerabilities
2012-03-10 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-4.0-0413
2023-06-19 00:00:00
oracle
oracle
Oracle Critical Patch Update - January 2012
2012-01-17 00:00:00
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2014-01-27 00:00:00
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00

9 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.968 High

EPSS

Percentile

99.7%

JSON
Related for CVE-2012-0507
prion2attackerkb1ubuntucve2symantec1cve1checkpoint_advisories4seebug3openvas56veracode5saint4thn4cisa_kev1packetstorm1threatpost12canvas1metasploit1exploitdb1nessus35oraclelinux2centos1redhat6ubuntu2osv1debian1suse4ibm2qualysblog2avleonov1securelist1amazon1fedora14securityvulns2photon1oracle1gentoo2