Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2012-0547

Published: 30/08/2012 Updated: 13/05/2022
CVSS v2 Base Score: 0 | Impact Score: 0 | Exploitability Score: 10
VMScore: 0
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:N
Subscribe to Oracle

Vulnerability Summary

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and previous versions, and 6 Update 34 and previous versions, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited." NOTE: this identifier was assigned by the Oracle CNA, but CVE is not intended to cover defense-in-depth issues that are only exposed by the presence of other vulnerabilities. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "toolkit internals references."

Vulnerable Product Search on Vulmon Subscribe to Product

oracle jdk 1.7.0

oracle jre 1.7.0

oracle jre

sun jdk 1.6.0

sun jre 1.6.0

oracle jre 1.6.0

oracle jdk 1.6.0

oracle jdk

Vendor Advisories

Ubuntu Security Notice: openjdk-6 vulnerabilities
Two security issues were fixed in OpenJDK 6 ...
Red Hat: Important: java-1.6.0-openjdk security update
Synopsis Important: java-160-openjdk security update Type/Severity Security Advisory: Important Topic Updated java-160-openjdk packages that fix two security issues are nowavailable for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as havingimportant security impact ...
Red Hat: Critical: java-1.7.0-oracle security update
Synopsis Critical: java-170-oracle security update Type/Severity Security Advisory: Critical Topic Updated java-170-oracle packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 6 SupplementaryThe Red Hat Security Response Team has rated this update as having criticalse ...
Red Hat: Critical: java-1.6.0-openjdk security update
Synopsis Critical: java-160-openjdk security update Type/Severity Security Advisory: Critical Topic Updated java-160-openjdk packages that fix two security issues are nowavailable for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having criticalsecurity impact C ...
Red Hat: Important: java-1.7.0-openjdk security update
Synopsis Important: java-170-openjdk security update Type/Severity Security Advisory: Important Topic Updated java-170-openjdk packages that fix several security issues arenow available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as havingimportant security im ...
Red Hat: Critical: java-1.7.0-ibm security update
Synopsis Critical: java-170-ibm security update Type/Severity Security Advisory: Critical Topic Updated java-170-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 6 SupplementaryThe Red Hat Security Response Team has rated this update as having criticalsecurity ...
Red Hat: Critical: java-1.6.0-ibm security update
Synopsis Critical: java-160-ibm security update Type/Severity Security Advisory: Critical Topic Updated java-160-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 5 and 6 SupplementaryThe Red Hat Security Response Team has rated this update as having criticalse ...
Red Hat: Critical: java-1.6.0-sun security update
Synopsis Critical: java-160-sun security update Type/Severity Security Advisory: Critical Topic Updated java-160-sun packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 5 and 6 SupplementaryThe Red Hat Security Response Team has rated this update as having criticalse ...
Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security update
Synopsis Low: Red Hat Network Satellite server IBM Java Runtime security update Type/Severity Security Advisory: Low Topic Updated java-160-ibm packages that fix several security issues are nowavailable for Red Hat Network Satellite Server 55The Red Hat Security Response Team has rated this update as ha ...
Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security update
Synopsis Low: Red Hat Network Satellite server IBM Java Runtime security update Type/Severity Security Advisory: Low Topic Updated java-160-ibm packages that fix several security issues are nowavailable for Red Hat Network Satellite Server 54The Red Hat Security Response Team has rated this update as ha ...
Amazon Linux AMI: ALAS-2012-119
It was discovered that the Beans component in OpenJDK did not perform permission checks properly An untrusted Java application or applet could use this flaw to use classes from restricted packages, allowing it to bypass Java sandbox restrictions (CVE-2012-1682) A hardening fix was applied to the AWT component in OpenJDK, removing functionality fr ...

Exploits

Exploit DB: Java 7 Applet - Remote Code Execution (Metasploit)
## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # web site for more information on licensing and terms of use # metasploitcom/ ## require 'msf/core' require 'rex' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking includ ...

Recent Articles

Apple Java update fails to address mega-flaw – researcher
The Register • John Leyden • 06 Sep 2012

Chocolate coffee-pot

Apple released a Java update on Wednesday but it does not tackle a high-profile flaw that has become the target of attacks over recent weeks. Java for OS X 2012-005 and Java for Mac OS X 10.6 Update 10 offer patched versions of Java for OS X Lion and Mountain Lion systems that tackle CVE-2012-0547. But this is a different beastie from the CVE-2012-4681 megabug currently stalking Java users, KrebsOnSecurity reports. Security vulnerabilities in Java are an all-too-real danger for Mac fans, as illu...

Read more...

References

NVD-CWE-noinfohttp://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.htmlhttp://rhn.redhat.com/errata/RHSA-2012-1225.htmlhttp://lists.opensuse.org/opensuse-security-announce/2012-09/msg00019.htmlhttp://rhn.redhat.com/errata/RHSA-2012-1392.htmlhttp://rhn.redhat.com/errata/RHSA-2012-1222.htmlhttp://www.ubuntu.com/usn/USN-1553-1http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00006.htmlhttp://marc.info/?l=bugtraq&m=135161897205627&w=2http://rhn.redhat.com/errata/RHSA-2012-1466.htmlhttps://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03533078http://secunia.com/advisories/51044http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.htmlhttp://secunia.com/advisories/51141http://secunia.com/advisories/51327http://rhn.redhat.com/errata/RHSA-2013-1455.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1456.htmlhttp://security.gentoo.org/glsa/glsa-201406-32.xmlhttp://www.securityfocus.com/bid/55339https://usn.ubuntu.com/1553-1/https://nvd.nist.govhttps://www.exploit-db.com/exploits/20865/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581reflected XSSCVE-2024-26925CVE-2024-27956LFICVE-2024-3607CVE-2024-3107CVE-2024-3295SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook