Secunia CSI7
Products
Solutions
Customers
Partner
Resources
Company
Careers
Community

CVE Reference: CVE-2012-4820

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2012-4820

Description:
Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to "insecure use of the java.lang.reflect.Method invoke() method."

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/78764

SAID
  Secunia Advisory: SA51634
  Secunia Advisory: SA51326
  Secunia Advisory: SA51327
  Secunia Advisory: SA51328
  Secunia Advisory: SA51393

REDHAT
  http://rhn.redhat.com/errata/RHSA-2012-1466.html
  http://rhn.redhat.com/errata/RHSA-2012-1465.html
  http://rhn.redhat.com/errata/RHSA-2012-1467.html
  http://rhn.redhat.com/errata/RHSA-2013-1455.html
  http://rhn.redhat.com/errata/RHSA-2013-1456.html

CONFIRM
  http://www-01.ibm.com/support/docview.wss?uid=swg21631786
  http://www-01.ibm.com/support/docview.wss?uid=swg21621154
  http://www-01.ibm.com/support/docview.wss?uid=swg21616708
  http://www-01.ibm.com/support/docview.wss?uid=swg21616652
  http://www-01.ibm.com/support/docview.wss?uid=swg21616617
  http://www-01.ibm.com/support/docview.wss?uid=swg21616616
  http://www-01.ibm.com/support/docview.wss?uid=swg21616594
  http://www-01.ibm.com/support/docview.wss?uid=swg21616490
  http://www-01.ibm.com/support/docview.wss?uid=swg21615800
  http://www-01.ibm.com/support/docview.wss?uid=swg21615705

BUGTRAQ
  http://seclists.org/bugtraq/2012/Sep/38

BID
  55495

AIXAPAR
  http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654


Return to the previous page.


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Factsheets
Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability