CVE-2012-3174 — Improper Access Control in Oracle JDK
Severity
10.0CRITICALNVD
NVD9.8
EPSS
1.4%
top 19.51%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 14
Latest updateMay 17
Description
Unspecified vulnerability in Oracle Java 7 before Update 11 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-0422. NOTE: some parties have mapped CVE-2012-3174 to an issue involving recursive use of the Reflection API, but that issue is already covered as part of CVE-2013-0422. This identifier is for a different vulnerability whose details are not public as of 20130114.
CVSS vector
AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0
Affected Packages3 packages
Also affects: Ubuntu Linux 12.10
🔴Vulnerability Details
3GHSA▶
GHSA-xcww-3952-xr69: Unspecified vulnerability in Oracle Java 7 before Update 11 allows remote attackers to affect confidentiality, integrity, and availability via unknown↗2022-05-17
GHSA▶
GHSA-r293-6mhc-29xx: Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using the public getMBeanInstantiat↗2022-05-05
💥Exploits & PoCs
1📋Vendor Advisories
3💬Community
3Bugzilla
▶
Bugzilla▶
CVE-2013-0422 OpenJDK: MethodHandles.Lookup incorrect permission checks, Java 7 0day (Libraries, 8006017)↗2013-01-10