CVE-2012-4820

5 documents, 5 sources

Severity: 9.3 CRITICAL
EPSS: 9.4% (top 7.23%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jan 11, latest update May 14

Description

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Delivery Manager; and other products from other vendors such as Red Hat, when runnin

CVSS vector

AV:N/AC:M/C:C/I:C/A:C
Exploitability: 8.6 | Impact: 10.0

Affected Packages (13 packages)

NVD ibm/java 1.4.2 1.4.2.13.13 +3
NVD ibm/service_delivery_manager 7.2.1.0, 7.2.2.0 +1
NVD ibm/tivoli_monitoring 27 versions +26
NVD ibm/rational_host_on-demand 11 versions +10

🔴 Vulnerability Details (2)

GHSA
GHSA-jfrg-75v5-493f: Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6 (2022-05-14)
CVEList
CVE-2012-4820: Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6 (2013-01-11)

📋 Vendor Advisories (1)

Red Hat
JDK: java.lang.reflect.Method invoke() code execution (2012-11-13)

💬 Community (1)

Bugzilla
CVE-2012-4820 IBM JDK: java.lang.reflect.Method invoke() code execution (2012-11-14)