CVE-2012-0507 in Sun and Oracle Products
Published on June 7, 2012

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.

Vulnerability Analysis

Products Associated with CVE-2012-0507

You can be notified by stack.watch whenever vulnerabilities like CVE-2012-0507 are published in these products:

Sun Jre

  Watch

 

Oracle Java Runtime Environment (JRE)

  Watch

 

What versions are vulnerable to CVE-2012-0507?

•   Sun Jre Version 1.5.0 update22
•   Sun Jre Version 1.5.0 update31
•   Sun Jre Version 1.5.0
•   Sun Jre Version 1.5.0 update18
•   Sun Jre Version 1.5.0 update27
•   Sun Jre Version 1.5.0 update2
•   Sun Jre Version 1.5.0 update13
•   Sun Jre Version 1.5.0 update24
•   Sun Jre Version 1.5.0 update12
•   Sun Jre Version 1.5.0 update26
•   Sun Jre Version 1.5.0 update28
•   Sun Jre Version 1.5.0 update21
•   Sun Jre Version 1.5.0 update6
•   Sun Jre Version 1.5.0 update1
•   Sun Jre Version 1.5.0 update16
•   Sun Jre Version 1.5.0 update20
•   Sun Jre Version 1.5.0 update3
•   Sun Jre Version 1.5.0 update5
•   Sun Jre Version 1.5.0 update9
•   Sun Jre Version 1.5.0 update25
•   Sun Jre Version 1.5.0 update10
•   Sun Jre Version 1.5.0 update23
•   Sun Jre Version 1.5.0 update4
•   Sun Jre Version 1.5.0 update15
•   Sun Jre Version 1.5.0 update11
•   Sun Jre Version 1.5.0 update19
•   Sun Jre Version 1.5.0 update7
•   Sun Jre Version 1.5.0 update8
•   Sun Jre Version 1.5.0 update14
•   Sun Jre Up to Version 1.5.0 update33
•   Sun Jre Version 1.5.0 update17
•   Sun Jre Version 1.5.0 update29

•   Sun Jre Version 1.6.0 update_3
•   Sun Jre Version 1.6.0 update_5
•   Sun Jre Version 1.6.0 update_13
•   Sun Jre Version 1.6.0 update_1
•   Sun Jre Version 1.6.0 update_2
•   Sun Jre Version 1.6.0 update_16
•   Sun Jre Version 1.6.0 update_20
•   Sun Jre Version 1.6.0 update_15
•   Sun Jre Version 1.6.0 update_6
•   Sun Jre Version 1.6.0 update_19
•   Sun Jre Version 1.6.0 update_21
•   Sun Jre Version 1.6.0
•   Sun Jre Version 1.6.0 update_12
•   Oracle Java Runtime Environment (JRE) Version 1.6.0 update22
•   Oracle Java Runtime Environment (JRE) Version 1.6.0 update23
•   Sun Jre Version 1.6.0 update_17
•   Sun Jre Version 1.6.0 update_18
•   Oracle Java Runtime Environment (JRE) Version 1.6.0 update29
•   Oracle Java Runtime Environment (JRE) Up to Version 1.6.0 update30
•   Oracle Java Runtime Environment (JRE) Version 1.6.0 update26
•   Oracle Java Runtime Environment (JRE) Version 1.6.0 update27
•   Sun Jre Version 1.6.0 update_7
•   Sun Jre Version 1.6.0 update_10
•   Sun Jre Version 1.6.0 update_4
•   Sun Jre Version 1.6.0 update_11
•   Sun Jre Version 1.6.0 update_14
•   Oracle Java Runtime Environment (JRE) Version 1.6.0 update24
•   Oracle Java Runtime Environment (JRE) Version 1.6.0 update25

•   Oracle Java Runtime Environment (JRE) Up to Version 1.7.0 update2
•   Oracle Java Runtime Environment (JRE) Version 1.7.0
•   Oracle Java Runtime Environment (JRE) Version 1.7.0 update1