Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-0547Oracle JDK vulnerability

8 documents7 sources
Severity
0.0N/ANVD
EPSS
9.9%
top 7.00%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
4
Oracle JDKOracle JRESUN JDK+1 more
Timeline
PublishedAug 30
Latest updateMay 4

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has no impact and remote attack vectors involving AWT and "a security-in-depth issue that is not directly exploitable but which can be used to aggravate security vulnerabilities that can be directly exploited." NOTE: this identifier was assigned by the Oracle CNA, but CVE is not intended to cover defense-in-depth issues that are only exposed by the pres

CVSS vector

AV:N/AC:L/C:N/I:N/A:NExploitability: 10.0 | Impact: 0.0

Affected Packages4 packages

NVDoracle/jdk1.6.0+2
NVDoracle/jre1.7.0+3
NVDsun/jdk1.6.0
NVDsun/jre1.6.0

🔴Vulnerability Details

2
GHSA
GHSA-mpj2-6qj6-74jr: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has n2022-05-04
CVEList
CVE-2012-0547: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier, and 6 Update 34 and earlier, has n2012-08-30

💥Exploits & PoCs

1
Exploit-DB
Java 7 Applet - Remote Code Execution (Metasploit)2012-08-27

📋Vendor Advisories

3
Ubuntu
OpenJDK 6 vulnerabilities2012-09-03
Red Hat
OpenJDK: AWT hardening fixes (AWT, 7163201)2012-08-30
Red Hat
php: command line arguments injection when run in CGI mode (VU#520827)2012-05-03

💬Community

1
Bugzilla
CVE-2012-0547 OpenJDK: AWT hardening fixes (AWT, 7163201)2012-08-30
CVE-2012-0547 — Oracle JDK vulnerability | cvebase