Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2012-0507
HistoryJun 07, 2012 - 10:55 p.m.

Design/Logic Flaw

2012-06-0722:55:00
PRIOn knowledge base
www.prio-n.com
27

8.4 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.973 High

EPSS

Percentile

99.9%

JSON

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.

References

Related

prion 1
attackerkb 1
ubuntucve 2
symantec 1
cve 2
packetstorm 1
seebug 3
openvas 56
saint 4
thn 4
cisa_kev 1
checkpoint_advisories 4
veracode 5
threatpost 12
canvas 1
metasploit 1
exploitdb 1
nessus 35
oraclelinux 2
centos 1
redhat 6
ubuntu 2
suse 4
amazon 1
fedora 14
osv 1
debian 1
ibm 2
qualysblog 2
avleonov 1
securelist 1
securityvulns 2
oracle 1
photon 1
gentoo 2
prion
prion
Design/Logic Flaw
2012-01-18 22:55:00
attackerkb
attackerkb
CVE-2012-0507
2012-06-07 00:00:00
ubuntucve
ubuntucve
CVE-2012-0507
2012-02-24 00:00:00
CVE-2011-3571
2012-01-18 00:00:00
symantec
symantec
Oracle Java SE Remote Java Runtime Environment Code Execution Vulnerability
2012-02-14 00:00:00
cve
cve
CVE-2011-3571
2012-01-18 22:55:00
CVE-2012-0507
2012-06-07 22:55:17
packetstorm
packetstorm
Java AtomicReferenceArray Type Violation
2012-03-30 00:00:00
seebug
seebug
Oracle Java SE i18n子组件远程安全漏洞
2012-02-29 00:00:00
Java AtomicReferenceArray Type Violation Vulnerability
2014-07-01 00:00:00
IBM Rational AppScan 8.x/7.x 多个安全漏洞
2012-06-16 00:00:00
openvas
openvas
Oracle Java SE Java Runtime Environment Code Execution Vulnerability - Windows
2012-08-22 00:00:00
Oracle Java SE Java Runtime Environment Code Execution Vulnerability - (Windows)
2012-08-22 00:00:00
Oracle: Security Advisory (ELSA-2012-0322)
2015-10-06 00:00:00
saint
saint
Java SE AtomicReferenceArray Unsafe Security Bypass
2012-03-30 00:00:00
Java SE AtomicReferenceArray Unsafe Security Bypass
2012-03-30 00:00:00
Java SE AtomicReferenceArray Unsafe Security Bypass
2012-03-30 00:00:00
thn
thn
New Mac Malware 'Dockster' Found on Dalai Lama site
2012-12-05 03:48:00
New Mac Malware 'Dockster' Found on Dalai Lama site
2012-12-05 14:48:00
New Java Exploits boosts BlackHole exploit kit
2012-04-01 19:36:00
cisa_kev
cisa_kev
Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
2022-03-03 00:00:00
checkpoint_advisories
checkpoint_advisories
Oracle Java AtomicReferenceArray Sandbox Breach Code Execution - Ver2 (CVE-2012-0507)
2014-12-28 00:00:00
Oracle Java AtomicReferenceArray Sandbox Breach Code Execution (CVE-2012-0507)
2012-04-16 00:00:00
Protection against Black Hole Toolkit v1.2.3 Java Array Exploits (CVE-2009-1671; CVE-2012-0507)
2012-04-16 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:41:06
Privilege Escalation
2020-04-10 01:10:19
Memory Corruption
2019-05-02 04:41:05
threatpost
threatpost
Nepalese Government Sites Hacked, Serving Zegost Malware
2012-08-08 20:16:56
New Java Malware Exploits Both Windows And Mac Users
2012-04-24 17:37:49
Mozilla Adds Older Java Versions to Firefox Blocklist
2012-04-03 13:25:06
canvas
canvas
Immunity Canvas: JAVA_ATOMICREFERENCEARRAY
2012-06-07 22:55:00
metasploit
metasploit
Java AtomicReferenceArray Type Violation Vulnerability
2012-03-29 15:31:14
exploitdb
exploitdb
Java - AtomicReferenceArray Type Violation (Metasploit)
2012-03-30 00:00:00
nessus
nessus
openSUSE Security Update : virtualbox (openSUSE-SU-2012:1323-1)
2014-06-13 00:00:00
CentOS 6 : java-1.6.0-openjdk (CESA-2012:0135)
2012-02-16 00:00:00
RHEL 6 : java-1.6.0-openjdk (RHSA-2012:0135)
2012-02-15 00:00:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2012-02-15 00:00:00
java-1.6.0-openjdk security update
2012-02-28 00:00:00
centos
centos
java security update
2012-02-15 10:26:37
redhat
redhat
(RHSA-2012:0322) Important: java-1.6.0-openjdk security update
2012-02-21 00:00:00
(RHSA-2012:0135) Critical: java-1.6.0-openjdk security update
2012-02-14 00:00:00
(RHSA-2012:0139) Critical: java-1.6.0-sun security update
2012-02-16 00:00:00
ubuntu
ubuntu
OpenJDK 6 (ARM) vulnerabilities
2012-03-01 00:00:00
OpenJDK 6 vulnerabilities
2012-02-24 00:00:00
suse
suse
Security update for Java 1.6.0 (important)
2012-02-27 21:08:20
java-1_6_0-openjdk: Update to iced tea 1.11.1 b24 security release (important)
2012-02-27 21:08:27
Security update for IBM Java 1.6.0 (important)
2012-05-09 21:08:17
amazon
amazon
Critical: java-1.6.0-openjdk
2012-02-15 17:12:00
fedora
fedora
[SECURITY] Fedora 17 Update: java-1.7.0-openjdk-1.7.0.3-2.1.fc17
2012-02-28 10:45:39
[SECURITY] Fedora 16 Update: java-1.6.0-openjdk-1.6.0.0-68.1.11.4.fc16
2012-09-19 03:03:35
[SECURITY] Fedora 16 Update: java-1.6.0-openjdk-1.6.0.0-68.1.11.5.fc16
2012-10-18 00:30:15
osv
osv
openjdk-6 - several
2012-02-28 00:00:00
debian
debian
[SECURITY] [DSA 2420-1] openjdk-6 security update
2012-02-28 20:11:47
ibm
ibm
Security Bulletin: Unspecified Vulnerabilities in Rational Synergy (CVE-2012-0502,CVE-2012-0503,CVE-2012-0506,CVE-2012-0507,CVE-2011-3563,CVE-2012-0500,CVE-2012-0497,CVE-2012-0498,CVE-2012-0499,CVE-2012-0500,CVE-2012-0501,CVE-2012-0505,CVE-2011-5035)
2020-12-22 17:41:28
Potential Security Vulnerabilities With JavaTM SDKs
2018-06-17 14:05:25
qualysblog
qualysblog
Part 2: An In-Depth Look at the Latest Vulnerability Threat Landscape (Attackers’ Edition)
2023-07-18 13:38:53
Qualys Top 20 Most Exploited Vulnerabilities
2023-09-04 14:00:00
avleonov
avleonov
September 2023: VM courses, Bahasa Indonesia, Russian Podcasts, Goodbye Tinkoff, MS Patch Tuesday, Qualys TOP 20, Linux, Forrester, GigaOm, R-Vision VM
2023-09-30 19:31:42
securelist
securelist
Investigation Report for the September 2014 Equation malware detection incident in the US
2017-11-16 10:00:34
securityvulns
securityvulns
Oracle Java multiple security vulnerabilities
2012-08-20 00:00:00
Oracle / Sun / People Soft / MySQL applications multiple security vulnerabilities
2012-03-10 00:00:00
oracle
oracle
Oracle Critical Patch Update - January 2012
2012-01-17 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-4.0-0413
2023-06-19 00:00:00
gentoo
gentoo
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00
Oracle JRE/JDK: Multiple vulnerabilities
2014-01-27 00:00:00

8.4 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.973 High

EPSS

Percentile

99.9%

JSON
Related for PRION:CVE-2012-0507
prion1attackerkb1ubuntucve2symantec1cve2packetstorm1seebug3openvas56saint4thn4cisa_kev1checkpoint_advisories4veracode5threatpost12canvas1metasploit1exploitdb1nessus35oraclelinux2centos1redhat6ubuntu2suse4amazon1fedora14osv1debian1ibm2qualysblog2avleonov1securelist1securityvulns2oracle1photon1gentoo2