CVE-2012-4821
Last modified
CVE-2012-4821 is a vulnerability of currently unknown severity. Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via "insecure use" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods.. EPSS estimates a 6.93% chance of exploitation in the next 30 days.
Description
Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via "insecure use" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Java | >= 1.4.2, <= 1.4.2.13.13 |
| Ibm | Java | >= 5.0.0.0, <= 5.0.14.0 |
| Ibm | Java | >= 6.0.0.0, <= 6.0.11.0 |
| Ibm | Java | >= 7.0.0.0, <= 7.0.2.0 |
| Ibm | Lotus Domino | 8.0 |
| Ibm | Lotus Domino | 8.0.1 |
| Ibm | Lotus Domino | 8.0.2 |
| Ibm | Lotus Domino | 8.0.2.1 |
| Ibm | Lotus Domino | 8.0.2.2 |
| Ibm | Lotus Domino | 8.0.2.3 |
| Ibm | Lotus Domino | 8.0.2.4 |
| Ibm | Lotus Domino | 8.5.0 |
| Ibm | Lotus Domino | 8.5.0.1 |
| Ibm | Lotus Domino | 8.5.1 |
| Ibm | Lotus Domino | 8.5.1.1 |
| Ibm | Lotus Domino | 8.5.1.2 |
| Ibm | Lotus Domino | 8.5.1.3 |
| Ibm | Lotus Domino | 8.5.1.4 |
| Ibm | Lotus Domino | 8.5.1.5 |
| Ibm | Lotus Domino | 8.5.2.0 |
| Ibm | Lotus Domino | 8.5.2.1 |
| Ibm | Lotus Domino | 8.5.2.2 |
| Ibm | Lotus Domino | 8.5.2.3 |
| Ibm | Lotus Domino | 8.5.2.4 |
| Ibm | Lotus Domino | 8.5.3.0 |
| Ibm | Lotus Domino | 8.5.3.1 |
| Ibm | Lotus Domino | 8.5.3.2 |
| Ibm | Lotus Notes | 8.0 |
| Ibm | Lotus Notes | 8.0.0 |
| Ibm | Lotus Notes | 8.0.1 |
| Ibm | Lotus Notes | 8.0.2 |
| Ibm | Lotus Notes | 8.0.2.0 |
| Ibm | Lotus Notes | 8.0.2.1 |
| Ibm | Lotus Notes | 8.0.2.2 |
| Ibm | Lotus Notes | 8.0.2.3 |
| Ibm | Lotus Notes | 8.0.2.4 |
| Ibm | Lotus Notes | 8.0.2.5 |
| Ibm | Lotus Notes | 8.0.2.6 |
| Ibm | Lotus Notes | 8.5 |
| Ibm | Lotus Notes | 8.5.0.0 |
| Ibm | Lotus Notes | 8.5.0.1 |
| Ibm | Lotus Notes | 8.5.1 |
| Ibm | Lotus Notes | 8.5.1.0 |
| Ibm | Lotus Notes | 8.5.1.1 |
| Ibm | Lotus Notes | 8.5.1.2 |
| Ibm | Lotus Notes | 8.5.1.3 |
| Ibm | Lotus Notes | 8.5.1.4 |
| Ibm | Lotus Notes | 8.5.1.5 |
| Ibm | Lotus Notes | 8.5.2.0 |
| Ibm | Lotus Notes | 8.5.2.1 |
Showing 50 of 127 affected configurations. See NVD for the full list.
References
- http://rhn.redhat.com/errata/RHSA-2012-1467.htmlThird Party Advisory
- http://seclists.org/bugtraq/2012/Sep/38Mailing List, Third Party Advisory
- http://secunia.com/advisories/51326Third Party Advisory
- http://secunia.com/advisories/51634Third Party Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21615705Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21615800Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21616490Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21616594Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21616616Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21616617Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21616652Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21616708Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21621154Vendor Advisory
- http://www.securityfocus.com/bid/55495Third Party Advisory, VDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78765Third Party Advisory, VDB Entry
- https://www-304.ibm.com/support/docview.wss?uid=swg21616546Vendor Advisory
- http://rhn.redhat.com/errata/RHSA-2012-1467.htmlThird Party Advisory
- http://seclists.org/bugtraq/2012/Sep/38Mailing List, Third Party Advisory
- http://secunia.com/advisories/51326Third Party Advisory
- http://secunia.com/advisories/51634Third Party Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21615705Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21615800Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21616490Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21616594Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21616616Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21616617Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21616652Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21616708Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21621154Vendor Advisory
- http://www.securityfocus.com/bid/55495Third Party Advisory, VDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78765Third Party Advisory, VDB Entry
- https://www-304.ibm.com/support/docview.wss?uid=swg21616546Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2012-4821?
How severe is CVE-2012-4821?
How do I fix CVE-2012-4821?
Are you affected by CVE-2012-4821?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST