CVE-2012-0547

2012-08-3023:55:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2012-0547

unspecified vulnerability

java

runtime environment

jre

oracle

java se 7

update 6

awt

remote attack vectors

security-in-depth issue

8.6 High

AI Score

Confidence

High

0 Low

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:N/A:N

0.014 Low

EPSS

Percentile

86.3%

JSON

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and “a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited.” NOTE: this identifier was assigned by the Oracle CNA, but CVE is not intended to cover defense-in-depth issues that are only exposed by the presence of other vulnerabilities. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to “toolkit internals references.”

CPENameOperatorVersion
oracle:jdkoracle jdkeq1.7.0
oracle:jreoracle jreeq1.7.0
sun:jdksun jdkeq1.6.0
sun:jresun jreeq1.6.0
oracle:jdkoracle jdkeq1.6.0
oracle:jreoracle jreeq1.6.0

CPE	Name	Operator	Version
oracle:jdk	oracle jdk	eq	1.7.0
oracle:jre	oracle jre	eq	1.7.0
sun:jdk	sun jdk	eq	1.6.0
sun:jre	sun jre	eq	1.6.0
oracle:jdk	oracle jdk	eq	1.6.0
oracle:jre	oracle jre	eq	1.6.0