CVE-2012-3136Oracle JDK vulnerability

8 documents5 sources
Severity
10.0CRITICALNVD
EPSS
1.0%
top 22.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle JDKOracle JRE
Timeline
PublishedAug 30
Latest updateMay 17

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-1682.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDoracle/jdk1.7.0+1
NVDoracle/jre1.7.0+1

🔴Vulnerability Details

3
GHSA
GHSA-3cq6-v88g-8x73: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect c2022-05-17
GHSA
GHSA-5jvp-8v86-8h9w: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect c2022-05-17
VulnCheck
Oracle Java SE 7 Update 6 and earlier Java Runtime Environment (JRE) Vulnerability2012

📋Vendor Advisories

2
Red Hat
OpenJDK: beans ClassFinder insufficient permission checks (beans, 7162476)2012-08-30
Red Hat
OpenJDK: beans MethodElementHandler insufficient permission checks (beans, 7194567)2012-08-30

💬Community

1
Bugzilla
CVE-2012-3136 OpenJDK: beans MethodElementHandler insufficient permission checks (beans, 7194567)2012-08-30
CVE-2012-3136 — Oracle JDK vulnerability | cvebase