oracle jre CVE-2012-5076 in Oracle and Suse Products
Published on October 16, 2012

product logo product logo product logo
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JAX-WS.

Vendor Advisory Vendor Advisory NVD

Known Exploited Vulnerability

This Oracle Java SE Sandbox Bypass Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. The default Java security properties configuration did not restrict access to the com.sun.org.glassfish.external and com.sun.org.glassfish.gmbal packages. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.

The following remediation steps are recommended / required by April 18, 2022: Apply updates per vendor instructions.

Vulnerability Analysis


Products Associated with CVE-2012-5076

You can be notified by stack.watch whenever vulnerabilities like CVE-2012-5076 are published in these products:

 
 
 

What versions are vulnerable to CVE-2012-5076?