CVE-2012-1723 in Oracle and Sun Products
Published on June 16, 2012
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Known Exploited Vulnerability
This Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
The following remediation steps are recommended / required by March 24, 2022: Apply updates per vendor instructions.
Vulnerability Analysis
Products Associated with CVE-2012-1723
You can be notified by stack.watch whenever vulnerabilities like CVE-2012-1723 are published in these products:
What versions are vulnerable to CVE-2012-1723?
-
Oracle Java Runtime Environment (JRE)
Up to Version 1.7.0
update4
-
Oracle Java Development Kit (JDK)
Up to Version 1.7.0
update4
-
Oracle Java Development Kit (JDK)
Up to Version 1.6.0
update32
-
Oracle Java Runtime Environment (JRE)
Up to Version 1.6.0
update32
-
Sun Jdk
Up to Version 1.5.0
update35
-
Sun Jre
Up to Version 1.5.0
update35
-
Sun Jdk
Up to Version 1.4.2_37
-
Sun Jre
Up to Version 1.4.2_37