CVE-2012-5076

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JAX-WS.

CVSS v3 9.8 CRITICAL
CVSS v2.0 10.0 HIGH

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html	Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1386.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1391.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1467.html	Third Party Advisory
http://secunia.com/advisories/51029	Not Applicable
http://secunia.com/advisories/51326	Not Applicable
http://secunia.com/advisories/51390	Not Applicable
http://security.gentoo.org/glsa/glsa-201406-32.xml	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html	Patch Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16641	Broken Link
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html	Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1386.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1391.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1467.html	Third Party Advisory
http://secunia.com/advisories/51029	Not Applicable
http://secunia.com/advisories/51326	Not Applicable
http://secunia.com/advisories/51390	Not Applicable
http://security.gentoo.org/glsa/glsa-201406-32.xml	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html	Patch Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16641	Broken Link

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:jre:1.7.0:-::::::
	cpe:2.3:a:oracle:jre:1.7.0:update1::::::
	cpe:2.3:a:oracle:jre:1.7.0:update2::::::
	cpe:2.3:a:oracle:jre:1.7.0:update3::::::
	cpe:2.3:a:oracle:jre:1.7.0:update4::::::
	cpe:2.3:a:oracle:jre:1.7.0:update5::::::
	cpe:2.3:a:oracle:jre:1.7.0:update6::::::
	cpe:2.3:a:oracle:jre:1.7.0:update7::::::

Configuration 2 (hide)

cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*

History

10 Feb 2025, 20:15

Type	Values Removed	Values Added
CVSS	v2 : ~~10.0~~ v3 : ~~unknown~~	v2 : 10.0 v3 : 9.8
CWE		CWE-284

Information

Published : 2012-10-16 21:55

Updated : 2025-04-11 00:51

NVD link : CVE-2012-5076

Mitre link : CVE-2012-5076

CVE.ORG link : CVE-2012-5076

JSON object : View

Products Affected

suse

linux_enterprise_desktop

oracle

CWE

NVD-CWE-noinfo CWE-284

Improper Access Control

9.8 /10