CVE-2012-5085

2012-10-1621:55:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

java se

oracle

cve-2012-5085

networking

remote authenticated users

vulnerability

7.9 High

AI Score

Confidence

High

0 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:N/A:N

0.003 Low

EPSS

Percentile

68.0%

JSON

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier allows remote authenticated users to have an unspecified impact via unknown vectors related to Networking. NOTE: the Oracle CPU states that this issue has a 0.0 CVSS score. If so, then this is not a vulnerability and this issue should not be included in CVE.

CPENameOperatorVersion
oracle:jdkoracle jdkle1.7.0
oracle:jreoracle jreeq1.7.0
sun:jdksun jdkeq1.6.0
sun:jresun jreeq1.6.0
sun:jdksun jdkeq1.6.0.200
sun:jdksun jdkeq1.6.0.210
oracle:jdkoracle jdkeq1.6.0
oracle:jreoracle jreeq1.6.0
sun:jresun jreeq1.5.0
sun:jdksun jdkeq1.5.0

CPE	Name	Operator	Version
oracle:jdk	oracle jdk	le	1.7.0
oracle:jre	oracle jre	eq	1.7.0
sun:jdk	sun jdk	eq	1.6.0
sun:jre	sun jre	eq	1.6.0
sun:jdk	sun jdk	eq	1.6.0.200
sun:jdk	sun jdk	eq	1.6.0.210
oracle:jdk	oracle jdk	eq	1.6.0
oracle:jre	oracle jre	eq	1.6.0
sun:jre	sun jre	eq	1.5.0
sun:jdk	sun jdk	eq	1.5.0