CVE-2012-4681

Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.

CVSS v3 9.8 CRITICAL
CVSS v2.0 10.0 HIGH

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html	Third Party Advisory
http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html	Exploit Third Party Advisory
http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/	Broken Link Exploit
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html	Mailing List
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html	Mailing List
http://marc.info/?l=bugtraq&m=135109152819176&w=2	Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=135109152819176&w=2	Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=135109152819176&w=2	Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=135109152819176&w=2	Issue Tracking Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1225.html	Third Party Advisory
http://secunia.com/advisories/51044	Not Applicable
http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html	Third Party Advisory Broken Link
http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html	Vendor Advisory
http://www.securityfocus.com/bid/55213	Third Party Advisory VDB Entry Broken Link
http://www.us-cert.gov/cas/techalerts/TA12-240A.html	Third Party Advisory US Government Resource
https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day	Third Party Advisory Broken Link
http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html	Third Party Advisory
http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html	Exploit Third Party Advisory
http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/	Broken Link Exploit
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html	Mailing List
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html	Mailing List
http://marc.info/?l=bugtraq&m=135109152819176&w=2	Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=135109152819176&w=2	Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=135109152819176&w=2	Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=135109152819176&w=2	Issue Tracking Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1225.html	Third Party Advisory
http://secunia.com/advisories/51044	Not Applicable
http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html	Third Party Advisory Broken Link
http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html	Vendor Advisory
http://www.securityfocus.com/bid/55213	Third Party Advisory VDB Entry Broken Link
http://www.us-cert.gov/cas/techalerts/TA12-240A.html	Third Party Advisory US Government Resource
https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day	Third Party Advisory Broken Link

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:jdk:1.6.0:-::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update1::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update10::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update11::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update12::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update13::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update14::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update15::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update16::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update17::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update18::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update19::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update2::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update20::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update21::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update22::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update23::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update24::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update25::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update26::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update27::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update29::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update3::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update30::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update31::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update32::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update33::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update34::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update4::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update5::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update6::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update7::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update8::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update9::::::
	cpe:2.3:a:oracle:jdk:1.7.0:-::::::
	cpe:2.3:a:oracle:jdk:1.7.0:update1::::::
	cpe:2.3:a:oracle:jdk:1.7.0:update2::::::
	cpe:2.3:a:oracle:jdk:1.7.0:update3::::::
	cpe:2.3:a:oracle:jdk:1.7.0:update4::::::
	cpe:2.3:a:oracle:jdk:1.7.0:update5::::::
	cpe:2.3:a:oracle:jdk:1.7.0:update6::::::
	cpe:2.3:a:oracle:jre:1.6.0:-::::::
	cpe:2.3:a:oracle:jre:1.6.0:update1::::::
	cpe:2.3:a:oracle:jre:1.6.0:update10::::::
	cpe:2.3:a:oracle:jre:1.6.0:update11::::::
	cpe:2.3:a:oracle:jre:1.6.0:update12::::::
	cpe:2.3:a:oracle:jre:1.6.0:update13::::::
	cpe:2.3:a:oracle:jre:1.6.0:update14::::::
	cpe:2.3:a:oracle:jre:1.6.0:update15::::::
	cpe:2.3:a:oracle:jre:1.6.0:update16::::::
	cpe:2.3:a:oracle:jre:1.6.0:update17::::::
	cpe:2.3:a:oracle:jre:1.6.0:update18::::::
	cpe:2.3:a:oracle:jre:1.6.0:update19::::::
	cpe:2.3:a:oracle:jre:1.6.0:update2::::::
	cpe:2.3:a:oracle:jre:1.6.0:update20::::::
	cpe:2.3:a:oracle:jre:1.6.0:update21::::::
	cpe:2.3:a:oracle:jre:1.6.0:update22::::::
	cpe:2.3:a:oracle:jre:1.6.0:update23::::::
	cpe:2.3:a:oracle:jre:1.6.0:update24::::::
	cpe:2.3:a:oracle:jre:1.6.0:update25::::::
	cpe:2.3:a:oracle:jre:1.6.0:update26::::::
	cpe:2.3:a:oracle:jre:1.6.0:update27::::::
	cpe:2.3:a:oracle:jre:1.6.0:update29::::::
	cpe:2.3:a:oracle:jre:1.6.0:update3::::::
cpe:2.3:a:oracle:jre:1.6.0:update30::::::
cpe:2.3:a:oracle:jre:1.6.0:update31::::::
cpe:2.3:a:oracle:jre:1.6.0:update32::::::
cpe:2.3:a:oracle:jre:1.6.0:update33::::::
cpe:2.3:a:oracle:jre:1.6.0:update34::::::
cpe:2.3:a:oracle:jre:1.6.0:update4::::::
cpe:2.3:a:oracle:jre:1.6.0:update5::::::
cpe:2.3:a:oracle:jre:1.6.0:update6::::::
cpe:2.3:a:oracle:jre:1.6.0:update7::::::
cpe:2.3:a:oracle:jre:1.6.0:update9::::::
cpe:2.3:a:oracle:jre:1.7.0:-::::::
cpe:2.3:a:oracle:jre:1.7.0:update1::::::
cpe:2.3:a:oracle:jre:1.7.0:update2::::::
cpe:2.3:a:oracle:jre:1.7.0:update3::::::
cpe:2.3:a:oracle:jre:1.7.0:update4::::::
cpe:2.3:a:oracle:jre:1.7.0:update5::::::
cpe:2.3:a:oracle:jre:1.7.0:update6::::::

Configuration 2 (hide)

OR	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:6.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

History

14 Mar 2025, 15:27

Type	Values Removed	Values Added
References	~~() http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html - Broken Link~~	() http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html - Mailing List
References	~~() http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html - Broken Link~~	() http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html - Mailing List
References	~~() http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html - Third Party Advisory~~	() http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html - Third Party Advisory, Broken Link
References	~~() http://www.securityfocus.com/bid/55213 - Third Party Advisory, VDB Entry~~	() http://www.securityfocus.com/bid/55213 - Third Party Advisory, VDB Entry, Broken Link
References	~~() https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day - Third Party Advisory~~	() https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day - Third Party Advisory, Broken Link

10 Feb 2025, 20:15

Type	Values Removed	Values Added
CVSS	v2 : ~~10.0~~ v3 : ~~unknown~~	v2 : 10.0 v3 : 9.8
CWE		CWE-284

21 Nov 2024, 01:43

Type	Values Removed	Values Added
References	~~() http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html - Third Party Advisory~~	() http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html - Third Party Advisory
References	~~() http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html - Exploit, Third Party Advisory~~	() http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html - Exploit, Third Party Advisory
References	~~() http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/ - Broken Link, Exploit~~	() http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/ - Broken Link, Exploit
References	~~() http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html - Broken Link~~	() http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html - Broken Link
References	~~() http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html - Broken Link~~	() http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html - Broken Link
References	~~() http://marc.info/?l=bugtraq&m=135109152819176&w=2 - Issue Tracking, Mailing List, Third Party Advisory~~	() http://marc.info/?l=bugtraq&m=135109152819176&w=2 - Issue Tracking, Mailing List, Third Party Advisory
References	~~() http://rhn.redhat.com/errata/RHSA-2012-1225.html - Third Party Advisory~~	() http://rhn.redhat.com/errata/RHSA-2012-1225.html - Third Party Advisory
References	~~() http://secunia.com/advisories/51044 - Not Applicable~~	() http://secunia.com/advisories/51044 - Not Applicable
References	~~() http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html - Third Party Advisory~~	() http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html - Third Party Advisory
References	~~() http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html - Vendor Advisory~~	() http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html - Vendor Advisory
References	~~() http://www.securityfocus.com/bid/55213 - Third Party Advisory, VDB Entry~~	() http://www.securityfocus.com/bid/55213 - Third Party Advisory, VDB Entry
References	~~() http://www.us-cert.gov/cas/techalerts/TA12-240A.html - Third Party Advisory, US Government Resource~~	() http://www.us-cert.gov/cas/techalerts/TA12-240A.html - Third Party Advisory, US Government Resource
References	~~() https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day - Third Party Advisory~~	() https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day - Third Party Advisory

21 Dec 2022, 15:28

Type	Values Removed	Values Added
References	~~(SECUNIA) http://secunia.com/advisories/51044 -~~	(SECUNIA) http://secunia.com/advisories/51044 - Not Applicable
References	~~(HP) http://marc.info/?l=bugtraq&m=135109152819176&w=2 -~~	(HP) http://marc.info/?l=bugtraq&m=135109152819176&w=2 - Issue Tracking, Mailing List, Third Party Advisory
References	~~(BID) http://www.securityfocus.com/bid/55213 -~~	(BID) http://www.securityfocus.com/bid/55213 - Third Party Advisory, VDB Entry
References	~~(MISC) http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html -~~	(MISC) http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html - Third Party Advisory
References	~~(MISC) http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html -~~	(MISC) http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html - Exploit, Third Party Advisory
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html -~~	(SUSE) http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html - Broken Link
References	~~(MISC) https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day -~~	(MISC) https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day - Third Party Advisory
References	~~(CONFIRM) http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html -~~	(CONFIRM) http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html - Vendor Advisory
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html -~~	(SUSE) http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html - Broken Link
References	~~(REDHAT) http://rhn.redhat.com/errata/RHSA-2012-1225.html -~~	(REDHAT) http://rhn.redhat.com/errata/RHSA-2012-1225.html - Third Party Advisory
References	~~(MISC) http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/ - Exploit~~	(MISC) http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/ - Broken Link, Exploit
References	~~(CERT) http://www.us-cert.gov/cas/techalerts/TA12-240A.html - US Government Resource~~	(CERT) http://www.us-cert.gov/cas/techalerts/TA12-240A.html - Third Party Advisory, US Government Resource
References	~~(MISC) http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html -~~	(MISC) http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html - Third Party Advisory
CPE	cpe:2.3:a:sun:jdk:1.6.0:update2:::::: cpe:2.3:a:sun:jdk:1.6.0:update_13:::::: cpe:2.3:a:sun:jdk:1.5.0:update10:::::: cpe:2.3:a:sun:jre:1.6.0:update_1:::::: cpe:2.3:a:sun:jdk:1.5.0:update19:::::: cpe:2.3:a:sun:jdk:1.6.0:update_17:::::: cpe:2.3:a:sun:jdk:1.6.0:update_3:::::: cpe:2.3:a:sun:jdk:1.4.2_16:::::::* cpe:2.3:a:sun:jdk:1.5.0:update7_b03:::::: cpe:2.3:a:sun:jre:1.6.0:update_21:::::: cpe:2.3:a:sun:jdk:1.4.2_35:::::::* cpe:2.3:a:sun:jre:1.6.0:update_2:::::: cpe:2.3:a:sun:jre:1.6.0:update_10:::::: cpe:2.3:a:sun:jdk:1.6.0:update_7:::::: cpe:2.3:a:oracle:jre:1.7.0:::::::* cpe:2.3:a:sun:jdk:1.5.0:update14:::::: cpe:2.3:a:sun:jre:1.4.2_13:::::::* cpe:2.3:a:sun:jre:1.6.0:update_17:::::: cpe:2.3:a:sun:jre:1.4.2_23:::::::* cpe:2.3:a:sun:jdk:1.5.0:update22:::::: cpe:2.3:a:oracle:jdk::update36::::::* cpe:2.3:a:sun:jre:1.4.2_33:::::::* cpe:2.3:a:sun:jre:1.5.0:update23:::::: cpe:2.3:a:sun:jdk:1.5.0:update25:::::: cpe:2.3:a:sun:jdk:1.5.0:update5:::::: cpe:2.3:a:sun:jdk:1.5.0:update23:::::: cpe:2.3:a:sun:jdk:1.5.0:update13:::::: cpe:2.3:a:sun:jdk:1.5.0:update16:::::: cpe:2.3:a:sun:jdk:1.4.2:::::::* cpe:2.3:a:sun:jre:1.4.2_7:::::::* cpe:2.3:a:sun:jre:1.4.2_25:::::::* cpe:2.3:a:sun:jdk:1.4.2_8:::::::* cpe:2.3:a:sun:jre:1.5.0:update19:::::: cpe:2.3:a:sun:jre:1.6.0:update_5:::::: cpe:2.3:a:sun:jdk:1.4.2_23:::::::* cpe:2.3:a:sun:jdk:1.6.0:update_16:::::: cpe:2.3:a:sun:jdk:1.4.2_32:::::::* cpe:2.3:a:sun:jdk:1.5.0:update2:::::: cpe:2.3:a:sun:jre:1.5.0:update12:::::: cpe:2.3:a:sun:jdk:1.4.2_31:::::::* cpe:2.3:a:sun:jdk:1.4.2_29:::::::* cpe:2.3:a:sun:jdk:1.4.2_14:::::::* cpe:2.3:a:sun:jre:1.6.0:update_19:::::: cpe:2.3:a:sun:jre:1.6.0:::::::* cpe:2.3:a:sun:jre:1.4.2_28:::::::* cpe:2.3:a:sun:jre:1.5.0:::::::* cpe:2.3:a:sun:jre:1.4.2_19:::::::* cpe:2.3:a:sun:jdk:1.5.0:update11_b03:::::: cpe:2.3:a:sun:jdk:1.4.2_11:::::::* cpe:2.3:a:sun:jre:1.6.0:update_14:::::: cpe:2.3:a:sun:jdk:1.4.2_9:::::::* cpe:2.3:a:sun:jdk:1.5.0:update12:::::: cpe:2.3:a:sun:jre:1.5.0:update8:::::: cpe:2.3:a:sun:jre:1.5.0:update29:::::: cpe:2.3:a:sun:jre:1.5.0:update27:::::: cpe:2.3:a:sun:jdk:1.5.0:update31:::::: cpe:2.3:a:sun:jdk:1.6.0:update_12:::::: cpe:2.3:a:sun:jre:1.4.2_24:::::::* cpe:2.3:a:sun:jre:1.4.2_12:::::::* cpe:2.3:a:sun:jre:1.5.0:update15:::::: cpe:2.3:a:sun:jre:1.5.0:update10:::::: cpe:2.3:a:sun:jdk:1.5.0:update27:::::: cpe:2.3:a:sun:jre:1.5.0:update6:::::: cpe:2.3:a:sun:jre:1.5.0:update5:::::: cpe:2.3:a:sun:jre:1.4.2_27:::::::* cpe:2.3:a:sun:jre:1.5.0:update14:::::: cpe:2.3:a:sun:jre:1.6.0:update_7:::::: cpe:2.3:a:sun:jre:1.6.0:update_13:::::: cpe:2.3:a:sun:jdk:1.4.2_26:::::::* cpe:2.3:a:sun:jre:1.5.0:update20:::::: cpe:2.3:a:sun:jre:1.5.0:update25:::::: cpe:2.3:a:oracle:jdk::update6::::::* cpe:2.3:a:sun:jdk:1.4.2_3:::::::* cpe:2.3:a:sun:jdk:1.4.2_28:::::::* cpe:2.3:a:sun:jre:1.4.2_35:::::::* cpe:2.3:a:sun:jdk:1.4.2_25:::::::* cpe:2.3:a:sun:jdk:1.6.0:update_5:::::: cpe:2.3:a:sun:jre:1.5.0:update28:::::: cpe:2.3:a:sun:jdk:1.6.0:update_4:::::: cpe:2.3:a:sun:jdk:1.6.0:update_6:::::: cpe:2.3:a:sun:jdk:1.5.0:update26:::::: cpe:2.3:a:sun:jre:1.4.2_2:::::::* cpe:2.3:a:sun:jre:1.6.0:update_16:::::: cpe:2.3:a:sun:jre:1.4.2_36:::::::* cpe:2.3:a:sun:jdk:1.5.0:update3:::::: cpe:2.3:a:sun:jdk:1.6.0:update_10:::::: cpe:2.3:a:sun:jre:1.4.2_31:::::::* cpe:2.3:a:oracle:jdk:::::::: cpe:2.3:a:sun:jdk:1.6.0:update_19:::::: cpe:2.3:a:sun:jdk:1.6.0:update1_b06:::::: cpe:2.3:a:sun:jre:1.5.0:update24:::::: cpe:2.3:a:sun:jre:1.5.0:update1:::::: cpe:2.3:a:sun:jdk:1.4.2_33:::::::* cpe:2.3:a:sun:jdk:1.5.0:update29:::::: cpe:2.3:a:oracle:jre::update6::::::* cpe:2.3:a:sun:jdk:1.4.2_18:::::::* cpe:2.3:a:sun:jdk:1.4.2_37:::::::* cpe:2.3:a:sun:jre:1.6.0:update_18:::::: cpe:2.3:a:sun:jre:1.4.2_32:::::::* cpe:2.3:a:sun:jre:1.6.0:update_12:::::: cpe:2.3:a:sun:jre:1.4.2_30:::::::* cpe:2.3:a:sun:jre:1.5.0:update4:::::: cpe:2.3:a:sun:jdk:1.4.2_7:::::::* cpe:2.3:a:sun:jdk:1.6.0:update_14:::::: cpe:2.3:a:sun:jre:1.4.2_10:::::::* cpe:2.3:a:sun:jre:1.4.2_14:::::::* cpe:2.3:a:sun:jre:1.5.0:update3:::::: cpe:2.3:a:sun:jre:1.6.0:update_11:::::: cpe:2.3:a:sun:jre:1.4.2_16:::::::* cpe:2.3:a:sun:jdk:1.4.2_17:::::::* cpe:2.3:a:sun:jdk:1.5.0:update7:::::: cpe:2.3:a:sun:jdk:1.5.0:update17:::::: cpe:2.3:a:sun:jdk:1.5.0:update18:::::: cpe:2.3:a:sun:jdk:1.4.2_4:::::::* cpe:2.3:a:sun:jre:1.5.0:update31:::::: cpe:2.3:a:sun:jre:1.4.2_26:::::::* cpe:2.3:a:sun:jdk:1.4.2_13:::::::* cpe:2.3:a:sun:jdk:1.6.0.210:update21:::::: cpe:2.3:a:sun:jdk:1.4.2_36:::::::* cpe:2.3:a:sun:jdk:1.6.0.200:update20:::::: cpe:2.3:a:sun:jre:1.4.2_9:::::::* cpe:2.3:a:oracle:jdk::update35::::::* cpe:2.3:a:sun:jre:1.5.0:update33:::::: cpe:2.3:a:sun:jre:1.4.2_37:::::::* cpe:2.3:a:sun:jdk:1.4.2_2:::::::* cpe:2.3:a:sun:jre:1.4.2_18:::::::* cpe:2.3:a:sun:jdk:1.5.0:update20:::::: cpe:2.3:a:sun:jre:1.6.0:update_3:::::: cpe:2.3:a:sun:jre:1.6.0:update_6:::::: cpe:2.3:a:sun:jdk:1.5.0:::::::* cpe:2.3:a:sun:jdk:1.5.0:update24:::::: cpe:2.3:a:sun:jre:1.4.2_3:::::::* cpe:2.3:a:sun:jdk:1.4.2_5:::::::* cpe:2.3:a:sun:jre:1.4.2_22:::::::* cpe:2.3:a:sun:jre:1.5.0:update22:::::: cpe:2.3:a:sun:jdk:1.4.2_15:::::::* cpe:2.3:a:sun:jre:1.4.2_6:::::::* cpe:2.3:a:sun:jre:1.5.0:update18:::::: cpe:2.3:a:sun:jdk:1.5.0:update15:::::: cpe:2.3:a:sun:jre:1.5.0:update9:::::: cpe:2.3:a:sun:jdk:1.4.2_27:::::::* cpe:2.3:a:sun:jdk:1.6.0:update1:::::: cpe:2.3:a:sun:jre:1.4.2_4:::::::* cpe:2.3:a:sun:jdk:1.4.2_34:::::::* cpe:2.3:a:sun:jre:1.5.0:update11:::::: cpe:2.3:a:sun:jre:1.4.2_8:::::::* cpe:2.3:a:oracle:jre:::::::: cpe:2.3:a:sun:jre:1.5.0:update26:::::: cpe:2.3:a:sun:jdk:1.4.2_19:::::::* cpe:2.3:a:sun:jdk:1.4.2_6:::::::* cpe:2.3:a:sun:jre:1.5.0:update17:::::: cpe:2.3:a:sun:jre:1.6.0:update_20:::::: cpe:2.3:a:sun:jre:1.5.0:update21:::::: cpe:2.3:a:sun:jdk:1.4.2_22:::::::* cpe:2.3:a:sun:jdk:1.5.0:update11:::::: cpe:2.3:a:sun:jre:1.4.2_5:::::::* cpe:2.3:a:sun:jdk:1.5.0:update21:::::: cpe:2.3:a:sun:jdk:1.5.0:update33:::::: cpe:2.3:a:sun:jre:1.4.2_11:::::::* cpe:2.3:a:sun:jdk:1.5.0:update4:::::: cpe:2.3:a:sun:jre:1.4.2_29:::::::* cpe:2.3:a:sun:jdk:1.6.0:update_11:::::: cpe:2.3:a:oracle:jdk:1.7.0:::::::* cpe:2.3:a:sun:jdk:1.5.0:update9:::::: cpe:2.3:a:sun:jdk:1.4.2_10:::::::* cpe:2.3:a:sun:jre:1.4.2_1:::::::* cpe:2.3:a:sun:jre:1.5.0:update16:::::: cpe:2.3:a:sun:jre:1.4.2_20:::::::* cpe:2.3:a:sun:jre:1.6.0:update_4:::::: cpe:2.3:a:sun:jre:1.5.0:update13:::::: cpe:2.3:a:sun:jre:1.5.0:update7:::::: cpe:2.3:a:sun:jdk:1.5.0:update8:::::: cpe:2.3:a:sun:jre:1.4.2_21:::::::* cpe:2.3:a:sun:jdk:1.6.0:update_15:::::: cpe:2.3:a:sun:jre:1.5.0:update2:::::: cpe:2.3:a:sun:jdk:1.5.0:update1:::::: cpe:2.3:a:sun:jdk:1.5.0:update28:::::: cpe:2.3:a:sun:jdk:1.4.2_30:::::::* cpe:2.3:a:sun:jre:1.4.2_15:::::::* cpe:2.3:a:sun:jre:1.6.0:update_15:::::: cpe:2.3:a:sun:jdk:1.4.2_1:::::::* cpe:2.3:a:sun:jdk:1.5.0:update6:::::: cpe:2.3:a:sun:jre:1.4.2_34:::::::* cpe:2.3:a:sun:jdk:1.4.2_12:::::::* cpe:2.3:a:sun:jre:1.4.2_17:::::::* cpe:2.3:a:sun:jdk:1.6.0:update_18:::::: cpe:2.3:a:oracle:jre::update36::::::* cpe:2.3:a:oracle:jre::update35::::::*	cpe:2.3:a:oracle:jre:1.6.0:update20:::::: cpe:2.3:a:oracle:jdk:1.6.0:update8:::::: cpe:2.3:a:oracle:jdk:1.6.0:update10:::::: cpe:2.3:a:oracle:jre:1.6.0:update16:::::: cpe:2.3:a:oracle:jdk:1.6.0:update5:::::: cpe:2.3:a:oracle:jre:1.7.0:update6:::::: cpe:2.3:a:oracle:jdk:1.6.0:update17:::::: cpe:2.3:a:oracle:jdk:1.6.0:update2:::::: cpe:2.3:a:oracle:jdk:1.6.0:update16:::::: cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::* cpe:2.3:a:oracle:jre:1.6.0:update1:::::: cpe:2.3:a:oracle:jre:1.6.0:update6:::::: cpe:2.3:a:oracle:jre:1.6.0:update4:::::: cpe:2.3:a:oracle:jdk:1.6.0:update12:::::: cpe:2.3:a:oracle:jdk:1.6.0:update9:::::: cpe:2.3:a:oracle:jre:1.6.0:update5:::::: cpe:2.3:a:oracle:jre:1.6.0:update2:::::: cpe:2.3:a:oracle:jre:1.6.0:update9:::::: cpe:2.3:a:oracle:jdk:1.6.0:update15:::::: cpe:2.3:a:oracle:jre:1.6.0:update18:::::: cpe:2.3:a:oracle:jdk:1.6.0:update21:::::: cpe:2.3:a:oracle:jre:1.6.0:update3:::::: cpe:2.3:a:oracle:jre:1.6.0:update19:::::: cpe:2.3:a:oracle:jre:1.7.0:-:::::: cpe:2.3:a:oracle:jre:1.6.0:update14:::::: cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::* cpe:2.3:a:oracle:jdk:1.6.0:update20:::::: cpe:2.3:a:oracle:jre:1.6.0:update13:::::: cpe:2.3:a:oracle:jre:1.6.0:update17:::::: cpe:2.3:a:oracle:jre:1.6.0:update7:::::: cpe:2.3:a:oracle:jre:1.6.0:update11:::::: cpe:2.3:a:oracle:jre:1.6.0:-:::::: cpe:2.3:a:oracle:jre:1.6.0:update10:::::: cpe:2.3:a:oracle:jdk:1.6.0:update7:::::: cpe:2.3:a:oracle:jdk:1.6.0:-:::::: cpe:2.3:a:oracle:jre:1.6.0:update12:::::: cpe:2.3:a:oracle:jdk:1.6.0:update6:::::: cpe:2.3:o:redhat:enterprise_linux_eus:6.3:::::::* cpe:2.3:a:oracle:jdk:1.6.0:update19:::::: cpe:2.3:a:oracle:jdk:1.6.0:update11:::::: cpe:2.3:a:oracle:jdk:1.6.0:update14:::::: cpe:2.3:a:oracle:jre:1.6.0:update21:::::: cpe:2.3:a:oracle:jre:1.6.0:update15:::::: cpe:2.3:a:oracle:jdk:1.6.0:update3:::::: cpe:2.3:a:oracle:jdk:1.7.0:-:::::: cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::* cpe:2.3:a:oracle:jdk:1.6.0:update18:::::: cpe:2.3:a:oracle:jdk:1.6.0:update4:::::: cpe:2.3:a:oracle:jdk:1.6.0:update1:::::: cpe:2.3:a:oracle:jdk:1.7.0:update6:::::: cpe:2.3:a:oracle:jdk:1.6.0:update13::::::

13 May 2022, 14:52

Type	Values Removed	Values Added
CPE	cpe:2.3:a:oracle:jre:1.6.0:update_23:::::: cpe:2.3:a:oracle:jdk::update_36::::::* cpe:2.3:a:oracle:jdk::update_35::::::* cpe:2.3:a:oracle:jdk:1.6.0:update_22:::::: cpe:2.3:a:oracle:jdk:1.6.0:update_34:::::: cpe:2.3:a:oracle:jre:1.6.0:update_22:::::: cpe:2.3:a:oracle:jdk:1.6.0:update_26:::::: cpe:2.3:a:oracle:jre:1.6.0:update_30:::::: cpe:2.3:a:oracle:jre:1.6.0:update_31:::::: cpe:2.3:a:oracle:jdk:1.6.0:update_30:::::: cpe:2.3:a:oracle:jre:1.6.0:update_34:::::: cpe:2.3:a:oracle:jdk:1.6.0:update_32:::::: cpe:2.3:a:oracle:jdk:1.6.0:update_33:::::: cpe:2.3:a:oracle:jre:1.6.0:update_33:::::: cpe:2.3:a:oracle:jre:1.6.0:update_26:::::: cpe:2.3:a:oracle:jdk:1.6.0:update_31:::::: cpe:2.3:a:oracle:jdk:1.6.0:update_24:::::: cpe:2.3:a:oracle:jre::update_35::::::* cpe:2.3:a:oracle:jdk:1.6.0:update_27:::::: cpe:2.3:a:oracle:jre:1.6.0:update_27:::::: cpe:2.3:a:oracle:jre:1.6.0:update_29:::::: cpe:2.3:a:oracle:jdk:1.6.0:update_29:::::: cpe:2.3:a:oracle:jre:1.6.0:update_25:::::: cpe:2.3:a:oracle:jre:1.6.0:update_32:::::: cpe:2.3:a:oracle:jdk:1.6.0:update_23:::::: cpe:2.3:a:oracle:jre::update_36::::::* cpe:2.3:a:oracle:jdk:1.6.0:update_25:::::: cpe:2.3:a:oracle:jre:1.6.0:update_24::::::	cpe:2.3:a:oracle:jre:1.6.0:update32:::::: cpe:2.3:a:oracle:jre:1.6.0:update33:::::: cpe:2.3:a:oracle:jdk:1.6.0:update27:::::: cpe:2.3:a:oracle:jdk:1.6.0:update30:::::: cpe:2.3:a:oracle:jdk:1.6.0:update23:::::: cpe:2.3:a:oracle:jdk::update36::::::* cpe:2.3:a:oracle:jre:1.6.0:update27:::::: cpe:2.3:a:oracle:jdk:1.6.0:update26:::::: cpe:2.3:a:oracle:jdk:1.6.0:update32:::::: cpe:2.3:a:oracle:jre:1.6.0:update26:::::: cpe:2.3:a:oracle:jre:1.6.0:update25:::::: cpe:2.3:a:oracle:jre:1.6.0:update24:::::: cpe:2.3:a:oracle:jdk:1.6.0:update34:::::: cpe:2.3:a:oracle:jre:1.6.0:update29:::::: cpe:2.3:a:oracle:jdk:1.6.0:update33:::::: cpe:2.3:a:oracle:jdk:1.6.0:update22:::::: cpe:2.3:a:oracle:jdk::update35::::::* cpe:2.3:a:oracle:jre:1.6.0:update31:::::: cpe:2.3:a:oracle:jre:1.6.0:update30:::::: cpe:2.3:a:oracle:jdk:1.6.0:update24:::::: cpe:2.3:a:oracle:jdk:1.6.0:update25:::::: cpe:2.3:a:oracle:jre::update35::::::* cpe:2.3:a:oracle:jre::update36::::::* cpe:2.3:a:oracle:jdk:1.6.0:update29:::::: cpe:2.3:a:oracle:jre:1.6.0:update22:::::: cpe:2.3:a:oracle:jre:1.6.0:update34:::::: cpe:2.3:a:oracle:jre:1.6.0:update23:::::: cpe:2.3:a:oracle:jdk:1.6.0:update31::::::

Information

Published : 2012-08-28 00:55

Updated : 2025-03-14 15:27

NVD link : CVE-2012-4681

Mitre link : CVE-2012-4681

CVE.ORG link : CVE-2012-4681

JSON object : View

Products Affected

redhat

enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_eus

oracle

CWE

NVD-CWE-noinfo CWE-284

Improper Access Control

9.8 /10