Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-0551

6 documents6 sources

Severity

5.8MEDIUM

EPSS

29.1%

top 3.42%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Oracle JDK Oracle JRE Oracle Glassfish Server +2 more

Timeline

PublishedMay 3

Latest updateMay 4

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE 7 update 4 and earlier and 6 update 32 and earlier, and the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Container or Deployment.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 8.6 | Impact: 4.9

Affected Packages5 packages

▶NVDoracle/glassfish_server3.1.1

▶NVDoracle/jdk1.6.0+3

▶NVDoracle/jre1.6.0+3

▶NVDsun/jdk1.6.0

▶NVDsun/jre1.6.0

🔴Vulnerability Details

GHSA

GHSA-mc32-mvw8-hcj8: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE 7 update 4 and earlier and 6 update 32 and earlier, and the GlassFis↗2022-05-04

▶

CVEList

CVE-2012-0551: Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE 7 update 4 and earlier and 6 update 32 and earlier, and the GlassFis↗2012-05-03

▶

💥Exploits & PoCs

Exploit-DB

Oracle GlassFish Server 3.1.1 (build 12) - Multiple Cross-Site Scripting Vulnerabilities↗2012-04-22

▶

📋Vendor Advisories

Red Hat

JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment)↗2012-06-12

▶

💬Community

Bugzilla

CVE-2012-0551 Oracle JDK: unspecified vulnerability fixed in 6u33 and 7u5 (Deployment)↗2012-06-12

▶