Vulnerability Details CVE-2012-4823
Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to "insecure use of the java.lang.ClassLoder defineClass() method."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.132
EPSS Ranking 93.8%
CVSS Severity
CVSS v2 Score 9.3
References
- http://rhn.redhat.com/errata/RHSA-2012-1466.html
- http://rhn.redhat.com/errata/RHSA-2012-1467.html
- http://rhn.redhat.com/errata/RHSA-2013-1455.html
- http://rhn.redhat.com/errata/RHSA-2013-1456.html
- http://seclists.org/bugtraq/2012/Sep/38
- http://secunia.com/advisories/51326
- http://secunia.com/advisories/51327
- http://secunia.com/advisories/51634
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687
- http://www-01.ibm.com/support/docview.wss?uid=swg21615705
- http://www-01.ibm.com/support/docview.wss?uid=swg21615800
- http://www-01.ibm.com/support/docview.wss?uid=swg21616490
- http://www-01.ibm.com/support/docview.wss?uid=swg21616594
- http://www-01.ibm.com/support/docview.wss?uid=swg21616616
- http://www-01.ibm.com/support/docview.wss?uid=swg21616617
- http://www-01.ibm.com/support/docview.wss?uid=swg21616652
- http://www-01.ibm.com/support/docview.wss?uid=swg21616708
- http://www-01.ibm.com/support/docview.wss?uid=swg21621154
- http://www.securityfocus.com/bid/55495
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78767
- https://www-304.ibm.com/support/docview.wss?uid=swg21616546
- http://rhn.redhat.com/errata/RHSA-2012-1466.html
- http://rhn.redhat.com/errata/RHSA-2012-1467.html
- http://rhn.redhat.com/errata/RHSA-2013-1455.html
- http://rhn.redhat.com/errata/RHSA-2013-1456.html
- http://seclists.org/bugtraq/2012/Sep/38
- http://secunia.com/advisories/51326
- http://secunia.com/advisories/51327
- http://secunia.com/advisories/51634
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687
- http://www-01.ibm.com/support/docview.wss?uid=swg21615705
- http://www-01.ibm.com/support/docview.wss?uid=swg21615800
- http://www-01.ibm.com/support/docview.wss?uid=swg21616490
- http://www-01.ibm.com/support/docview.wss?uid=swg21616594
- http://www-01.ibm.com/support/docview.wss?uid=swg21616616
- http://www-01.ibm.com/support/docview.wss?uid=swg21616617
- http://www-01.ibm.com/support/docview.wss?uid=swg21616652
- http://www-01.ibm.com/support/docview.wss?uid=swg21616708
- http://www-01.ibm.com/support/docview.wss?uid=swg21621154
- http://www.securityfocus.com/bid/55495
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78767
- https://www-304.ibm.com/support/docview.wss?uid=swg21616546
Products affected by CVE-2012-4823
-
cpe:2.3:a:ibm:java:1.4.2
-
cpe:2.3:a:ibm:java:1.4.2.13
-
cpe:2.3:a:ibm:java:1.4.2.13.1
-
cpe:2.3:a:ibm:java:1.4.2.13.10
-
cpe:2.3:a:ibm:java:1.4.2.13.11
-
cpe:2.3:a:ibm:java:1.4.2.13.12
-
cpe:2.3:a:ibm:java:1.4.2.13.13
-
cpe:2.3:a:ibm:java:1.4.2.13.2
-
cpe:2.3:a:ibm:java:1.4.2.13.3
-
cpe:2.3:a:ibm:java:1.4.2.13.4
-
cpe:2.3:a:ibm:java:1.4.2.13.5
-
cpe:2.3:a:ibm:java:1.4.2.13.6
-
cpe:2.3:a:ibm:java:1.4.2.13.7
-
cpe:2.3:a:ibm:java:1.4.2.13.8
-
cpe:2.3:a:ibm:java:1.4.2.13.9
-
cpe:2.3:a:ibm:java:5.0.0.0
-
cpe:2.3:a:ibm:java:5.0.11.0
-
cpe:2.3:a:ibm:java:5.0.11.1
-
cpe:2.3:a:ibm:java:5.0.11.2
-
cpe:2.3:a:ibm:java:5.0.12.0
-
cpe:2.3:a:ibm:java:5.0.12.1
-
cpe:2.3:a:ibm:java:5.0.12.2
-
cpe:2.3:a:ibm:java:5.0.12.3
-
cpe:2.3:a:ibm:java:5.0.12.4
-
cpe:2.3:a:ibm:java:5.0.12.5
-
cpe:2.3:a:ibm:java:5.0.13.0
-
cpe:2.3:a:ibm:java:5.0.14.0
-
cpe:2.3:a:ibm:java:6.0.0.0
-
cpe:2.3:a:ibm:java:6.0.1.0
-
cpe:2.3:a:ibm:java:6.0.10.0
-
cpe:2.3:a:ibm:java:6.0.10.1
-
cpe:2.3:a:ibm:java:6.0.11.0
-
cpe:2.3:a:ibm:java:6.0.2.0
-
cpe:2.3:a:ibm:java:6.0.3.0
-
cpe:2.3:a:ibm:java:6.0.4.0
-
cpe:2.3:a:ibm:java:6.0.5.0
-
cpe:2.3:a:ibm:java:6.0.6.0
-
cpe:2.3:a:ibm:java:6.0.7.0
-
cpe:2.3:a:ibm:java:6.0.8.0
-
cpe:2.3:a:ibm:java:6.0.8.1
-
cpe:2.3:a:ibm:java:6.0.9.0
-
cpe:2.3:a:ibm:java:6.0.9.1
-
cpe:2.3:a:ibm:java:6.0.9.2
-
cpe:2.3:a:ibm:java:7.0.0.0
-
cpe:2.3:a:ibm:java:7.0.1.0
-
cpe:2.3:a:ibm:java:7.0.2.0
-
cpe:2.3:a:ibm:lotus_domino:8.0
-
cpe:2.3:a:ibm:lotus_domino:8.0.1
-
cpe:2.3:a:ibm:lotus_domino:8.0.2
-
cpe:2.3:a:ibm:lotus_domino:8.0.2.1
-
cpe:2.3:a:ibm:lotus_domino:8.0.2.2
-
cpe:2.3:a:ibm:lotus_domino:8.0.2.3
-
cpe:2.3:a:ibm:lotus_domino:8.0.2.4
-
cpe:2.3:a:ibm:lotus_domino:8.5.0
-
cpe:2.3:a:ibm:lotus_domino:8.5.0.1
-
cpe:2.3:a:ibm:lotus_domino:8.5.1
-
cpe:2.3:a:ibm:lotus_domino:8.5.1.1
-
cpe:2.3:a:ibm:lotus_domino:8.5.1.2
-
cpe:2.3:a:ibm:lotus_domino:8.5.1.3
-
cpe:2.3:a:ibm:lotus_domino:8.5.1.4
-
cpe:2.3:a:ibm:lotus_domino:8.5.1.5
-
cpe:2.3:a:ibm:lotus_domino:8.5.2.0
-
cpe:2.3:a:ibm:lotus_domino:8.5.2.1
-
cpe:2.3:a:ibm:lotus_domino:8.5.2.2
-
cpe:2.3:a:ibm:lotus_domino:8.5.2.3
-
cpe:2.3:a:ibm:lotus_domino:8.5.2.4
-
cpe:2.3:a:ibm:lotus_domino:8.5.3.0
-
cpe:2.3:a:ibm:lotus_domino:8.5.3.1
-
cpe:2.3:a:ibm:lotus_domino:8.5.3.2
-
cpe:2.3:a:ibm:lotus_notes:8.0
-
cpe:2.3:a:ibm:lotus_notes:8.0.0
-
cpe:2.3:a:ibm:lotus_notes:8.0.1
-
cpe:2.3:a:ibm:lotus_notes:8.0.2
-
cpe:2.3:a:ibm:lotus_notes:8.0.2.0
-
cpe:2.3:a:ibm:lotus_notes:8.0.2.1
-
cpe:2.3:a:ibm:lotus_notes:8.0.2.2
-
cpe:2.3:a:ibm:lotus_notes:8.0.2.3
-
cpe:2.3:a:ibm:lotus_notes:8.0.2.4
-
cpe:2.3:a:ibm:lotus_notes:8.0.2.5
-
cpe:2.3:a:ibm:lotus_notes:8.0.2.6
-
cpe:2.3:a:ibm:lotus_notes:8.5
-
cpe:2.3:a:ibm:lotus_notes:8.5.0.0
-
cpe:2.3:a:ibm:lotus_notes:8.5.0.1
-
cpe:2.3:a:ibm:lotus_notes:8.5.1
-
cpe:2.3:a:ibm:lotus_notes:8.5.1.0
-
cpe:2.3:a:ibm:lotus_notes:8.5.1.1
-
cpe:2.3:a:ibm:lotus_notes:8.5.1.2
-
cpe:2.3:a:ibm:lotus_notes:8.5.1.3
-
cpe:2.3:a:ibm:lotus_notes:8.5.1.4
-
cpe:2.3:a:ibm:lotus_notes:8.5.1.5
-
cpe:2.3:a:ibm:lotus_notes:8.5.2.0
-
cpe:2.3:a:ibm:lotus_notes:8.5.2.1
-
cpe:2.3:a:ibm:lotus_notes:8.5.2.2
-
cpe:2.3:a:ibm:lotus_notes:8.5.2.3
-
cpe:2.3:a:ibm:lotus_notes:8.5.3
-
cpe:2.3:a:ibm:lotus_notes:8.5.3.1
-
cpe:2.3:a:ibm:lotus_notes:8.5.3.2
-
cpe:2.3:a:ibm:lotus_notes:8.5.4
-
cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80407
-
cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80822
-
cpe:2.3:a:ibm:lotus_notes_sametime:8.5.1.20100709-1631
-
cpe:2.3:a:ibm:lotus_notes_traveler:8.0
-
cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1
-
cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.2
-
cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.3
-
cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.0
-
cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.1
-
cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.2
-
cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.1
-
cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.2
-
cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.3
-
cpe:2.3:a:ibm:lotus_notes_traveler:8.5.2.1
-
cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3
-
cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.1
-
cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.2
-
cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3
-
cpe:2.3:a:ibm:rational_change:4.7
-
cpe:2.3:a:ibm:rational_change:5.1
-
cpe:2.3:a:ibm:rational_change:5.2
-
cpe:2.3:a:ibm:rational_change:5.3
-
cpe:2.3:a:ibm:rational_host_on-demand:1.6.0.12
-
cpe:2.3:a:ibm:rational_host_on-demand:10.0.10.0
-
cpe:2.3:a:ibm:rational_host_on-demand:10.0.9.0
-
cpe:2.3:a:ibm:rational_host_on-demand:11.0.3.0
-
cpe:2.3:a:ibm:rational_host_on-demand:11.0.4.0
-
cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.0
-
cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.1
-
cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.0
-
cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.1
-
cpe:2.3:a:ibm:rational_host_on-demand:8.0.8.0
-
cpe:2.3:a:ibm:rational_host_on-demand:9.0.8.0
-
cpe:2.3:a:ibm:service_delivery_manager:7.2.1.0
-
cpe:2.3:a:ibm:service_delivery_manager:7.2.2.0
-
cpe:2.3:a:ibm:smart_analytics_system_5600_software:-
-
cpe:2.3:a:ibm:smart_analytics_system_5600_software:9.7
-
cpe:2.3:a:ibm:tivoli_monitoring:6.1.0
-
cpe:2.3:a:ibm:tivoli_monitoring:6.1.0.7
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.0
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.1
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.0
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.2
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.0
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.3
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.0
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1
-
cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2
-
cpe:2.3:a:ibm:tivoli_remote_control:5.1.2
-
cpe:2.3:a:ibm:websphere_real_time:2.0
-
cpe:2.3:a:ibm:websphere_real_time:3.0
-
cpe:2.3:a:tivoli_storage_productivity_center:5.0:-
-
cpe:2.3:a:tivoli_storage_productivity_center:5.1.1:-
-
cpe:2.3:a:tivoli_storage_productivity_center:5.1:-
-
cpe:2.3:h:ibm:smart_analytics_system_5600:7200