Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-5067Oracle JDK vulnerability

7 documents6 sources
Severity
5.0MEDIUMNVD
EPSS
56.4%
top 1.88%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Oracle JDKOracle JRE
Timeline
PublishedOct 16
Latest updateMay 17

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Deployment.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDoracle/jdk1.7.0+1
NVDoracle/jre1.7.0+1

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

1
GHSA
GHSA-v6jx-x9wj-v8pq: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect c2022-05-17

💥Exploits & PoCs

1
Exploit-DB
Java Applet - JAX-WS Remote Code Execution (Metasploit)2012-11-13

📋Vendor Advisories

2
Ubuntu
OpenJDK vulnerabilities2012-10-26
Red Hat
JDK: unspecified vulnerability (Deployment)2012-10-16

💬Community

2
Bugzilla
Softblock Java versions affected by CVE-2012-50762012-11-18
Bugzilla
CVE-2012-5067 Oracle JDK: unspecified vulnerability (Deployment)2012-10-17
CVE-2012-5067 — Oracle JDK vulnerability | cvebase