JDK: java.lang.reflect.Method invoke() code execution

🗓️ 15 Nov 2012 21:03:00Reported by RedHatType

redhat

redhat🔗 access.redhat.com

Unspecified JRE vulnerability lets attackers achieve code execution via insecure Method invoke.

Reporter	Title	Published	Views	Family All 62
IBM Security Bulletins	Security Bulletin: IBM Tivoli Monitoring clients affected by vulnerabilities in IBM JRE excuted under a security manager.	25 Sep 202223:13	–	ibm
IBM Security Bulletins	Security Bulletin: TADDM: Vulnerabilities in embedded JRE	25 Sep 202221:06	–	ibm
IBM Security Bulletins	Security Bulletin: Tivoli Management Framework affected by vulnerabilities in IBM JRE (CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823)	25 Sep 202222:39	–	ibm
IBM Security Bulletins	Security Bulletin: Tivoli Storage Productivity Center clients affected by vulnerabilities in IBM JRE (CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823)	25 Sep 202223:13	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Smart Analytics System 5600 clients affected by vulnerabilities in IBM JRE (CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823)	25 Sep 202223:13	–	ibm
IBM Security Bulletins	Security Bulletin: IBM WebSphere Real Time clients affected by vulnerabilities in IBM JRE (CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823)	26 Sep 202205:45	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in IBM Java SDK (CVE-2012-4820, CVE-2012-4821, CVE-2012-4822, CVE-2012-4823)	25 Sep 202222:39	–	ibm
Check Point Advisories	IBM Java ProxyUtil Sandbox Breach (CVE-2012-4820)	20 Feb 201300:00	–	checkpoint_advisories
Check Point Advisories	IBM Java ProxyUtil Sandbox Breach - Ver2 (CVE-2012-4820)	18 May 201500:00	–	checkpoint_advisories
CVE	CVE-2012-4820	11 Jan 201300:00	–	cve

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	5	i386	java-1.5.0-ibm	1:1.5.0.15.0-1jpp.1.el5_8	java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el5_8.i386.rpm
Red Hat Enterprise Linux	5	ppc	java-1.5.0-ibm	1:1.5.0.15.0-1jpp.1.el5_8	java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el5_8.ppc.rpm
Red Hat Enterprise Linux	5	ppc64	java-1.5.0-ibm	1:1.5.0.15.0-1jpp.1.el5_8	java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el5_8.ppc64.rpm
Red Hat Enterprise Linux	5	s390	java-1.5.0-ibm	1:1.5.0.15.0-1jpp.1.el5_8	java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el5_8.s390.rpm
Red Hat Enterprise Linux	5	s390x	java-1.5.0-ibm	1:1.5.0.15.0-1jpp.1.el5_8	java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el5_8.s390x.rpm
Red Hat Enterprise Linux	5	x86_64	java-1.5.0-ibm	1:1.5.0.15.0-1jpp.1.el5_8	java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el5_8.x86_64.rpm
Red Hat Enterprise Linux	6	i686	java-1.5.0-ibm	1:1.5.0.15.0-1jpp.1.el6_3	java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el6_3.i686.rpm
Red Hat Enterprise Linux	6	ppc64	java-1.5.0-ibm	1:1.5.0.15.0-1jpp.1.el6_3	java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el6_3.ppc64.rpm
Red Hat Enterprise Linux	6	s390x	java-1.5.0-ibm	1:1.5.0.15.0-1jpp.1.el6_3	java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el6_3.s390x.rpm
Red Hat Enterprise Linux	6	x86_64	java-1.5.0-ibm	1:1.5.0.15.0-1jpp.1.el6_3	java-1.5.0-ibm-1:1.5.0.15.0-1jpp.1.el6_3.x86_64.rpm

Source	Link
xforce	www.xforce.iss.net/xforce/xfdb/78764
access	www.access.redhat.com/security/cve/CVE-2012-4820
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
nvd	www.nvd.nist.gov/vuln/detail/CVE-2012-4820
cve	www.cve.org/CVERecord

21 Nov 2025 17:41Current

5.9Medium risk

Vulners AI Score5.9

CVSS 29.3

EPSS0.08461

JRE vulnerability java method invoke security manager remote attackers code execution