Published: 15/02/2012 Updated: 13/05/2022

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and previous versions, 6 Update 30 and previous versions, and JavaFX 2.0.2 and previous versions allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sun jre 1.6.0
oracle jre 1.6.0
oracle jre
oracle jre 1.7.0
oracle javafx 1.2.3
oracle javafx
oracle javafx 2.0
oracle javafx 1.3.1
oracle javafx 1.3.0
oracle javafx 1.2
oracle javafx 1.2.2

Synopsis Critical: java-160-sun security update Type/Severity Security Advisory: Critical Topic Updated java-160-sun packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 4 Extras, and Red Hat EnterpriseLinux 5 and 6 SupplementaryThe Red Hat Security Response Team has ...

Synopsis Critical: java-160-ibm security update Type/Severity Security Advisory: Critical Topic Updated java-160-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 5 and 6 SupplementaryThe Red Hat Security Response Team has rated this update as having criticalse ...

Synopsis Low: Red Hat Network Satellite server IBM Java Runtime security update Type/Severity Security Advisory: Low Topic Updated java-160-ibm packages that fix several security issues are nowavailable for Red Hat Network Satellite Server 54The Red Hat Security Response Team has rated this update as ha ...

## # $Id$ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = Excelle ...

This Metasploit module exploits a flaw in the Web Start component of the Sun Java Runtime Environment Parameters intial-heap-size and max-heap-size in a JNLP file can contain a double quote which is not properly sanitized when creating the command line for javawexe This allows the injection of the -XXaltjvm option to load a jvmdll from a remote ...

NVD-CWE-noinfo http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html http://secunia.com/advisories/48589 http://secunia.com/advisories/48950 http://rhn.redhat.com/errata/RHSA-2013-1455.html http://marc.info/?l=bugtraq&m=134254957702612&w=2 http://marc.info/?l=bugtraq&m=133364885411663&w=2 http://marc.info/?l=bugtraq&m=133847939902305&w=2 http://www.securityfocus.com/bid/52015 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14844 http://marc.info/?l=bugtraq&m=134254866602253&w=2 http://rhn.redhat.com/errata/RHSA-2012-0514.html http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html http://secunia.com/advisories/48073 https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2012:0139 https://www.exploit-db.com/exploits/18520/

CVE-2012-0500

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect