Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-0500 — Oracle Javafx vulnerability

7 documents6 sources

Severity

10.0CRITICALNVD

EPSS

74.9%

top 1.13%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Oracle Javafx Oracle JRE SUN JRE

Timeline

PublishedFeb 15

Latest updateMay 4

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and JavaFX 2.0.2 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

▶NVDoracle/javafx2.0.2+6

▶NVDoracle/jre1.6.0+3

▶NVDsun/jre1.6.0

🔴Vulnerability Details

GHSA

GHSA-5845-68q3-8r26: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and JavaF↗2022-05-04

▶

CVEList

CVE-2012-0500: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and JavaF↗2012-02-15

▶

💥Exploits & PoCs

Exploit-DB

Sun Java Web Start Plugin - Command Line Argument Injection (2012) (Metasploit)↗2012-02-24

▶

📋Vendor Advisories

Red Hat

JDK: unspecified vulnerability fixed in 6u31 and 7u3 (Deployment)↗2012-02-14

▶

💬Community

Bugzilla

CVE-2012-0500 Oracle JDK: unspecified vulnerability fixed in 6u31 and 7u3 (Deployment)↗2012-02-15

▶

Bugzilla

CVE-2011-4324 kernel: nfsv4: mknod(2) DoS↗2011-11-21

▶