CVE-2012-4681 (GCVE-0-2012-4681)
Vulnerability from cvelistv5
Published
2012-08-28 00:00
Modified
2025-10-22 00:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.
References
CISA Known Exploited Vulnerability
Data from the CISA Known Exploited Vulnerabilities Catalog
Date added: 2022-03-03
Due date: 2022-03-24
Required action: Apply updates per vendor instructions.
Used in ransomware: Known
Notes: https://nvd.nist.gov/vuln/detail/CVE-2012-4681
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:42:55.009Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html"
},
{
"name": "SUSE-SU-2012:1398",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"
},
{
"name": "SUSE-SU-2012:1231",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html"
},
{
"name": "TA12-240A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA12-240A.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/"
},
{
"name": "SSRT100970",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html"
},
{
"name": "RHSA-2012:1225",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1225.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html"
},
{
"name": "51044",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51044"
},
{
"name": "HPSBUX02824",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2"
},
{
"name": "55213",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55213"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2012-4681",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-10T20:02:21.664658Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-03-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-4681"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T00:05:46.560Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-4681"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-03-03T00:00:00.000Z",
"value": "CVE-2012-4681 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-08-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using \"reflection with a trusted immediate caller\" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-04T09:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html"
},
{
"name": "SUSE-SU-2012:1398",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"
},
{
"name": "SUSE-SU-2012:1231",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html"
},
{
"name": "TA12-240A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/cas/techalerts/TA12-240A.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/"
},
{
"name": "SSRT100970",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html"
},
{
"name": "RHSA-2012:1225",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1225.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html"
},
{
"name": "51044",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51044"
},
{
"name": "HPSBUX02824",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2"
},
{
"name": "55213",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55213"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4681",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using \"reflection with a trusted immediate caller\" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html",
"refsource": "MISC",
"url": "http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html"
},
{
"name": "SUSE-SU-2012:1398",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"
},
{
"name": "SUSE-SU-2012:1231",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html"
},
{
"name": "TA12-240A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/cas/techalerts/TA12-240A.html"
},
{
"name": "http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/",
"refsource": "MISC",
"url": "http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/"
},
{
"name": "SSRT100970",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2"
},
{
"name": "https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day",
"refsource": "MISC",
"url": "https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day"
},
{
"name": "http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html",
"refsource": "MISC",
"url": "http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html"
},
{
"name": "RHSA-2012:1225",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1225.html"
},
{
"name": "http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html",
"refsource": "MISC",
"url": "http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html"
},
{
"name": "51044",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51044"
},
{
"name": "HPSBUX02824",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2"
},
{
"name": "55213",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55213"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4681",
"datePublished": "2012-08-28T00:00:00.000Z",
"dateReserved": "2012-08-27T00:00:00.000Z",
"dateUpdated": "2025-10-22T00:05:46.560Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2012-4681",
"dateAdded": "2022-03-03",
"dueDate": "2022-03-24",
"knownRansomwareCampaignUse": "Known",
"notes": "https://nvd.nist.gov/vuln/detail/CVE-2012-4681",
"product": "Java SE",
"requiredAction": "Apply updates per vendor instructions.",
"shortDescription": "The Java Runtime Environment (JRE) component in Oracle Java SE allow for remote code execution.",
"vendorProject": "Oracle",
"vulnerabilityName": "Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html\", \"name\": \"SUSE-SU-2012:1398\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html\", \"name\": \"SUSE-SU-2012:1231\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA12-240A.html\", \"name\": \"TA12-240A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\", \"x_transferred\"]}, {\"url\": \"http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2\", \"name\": \"SSRT100970\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-1225.html\", \"name\": \"RHSA-2012:1225\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/51044\", \"name\": \"51044\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2\", \"name\": \"HPSBUX02824\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/55213\", \"name\": \"55213\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-06T20:42:55.009Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2012-4681\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-10T20:02:21.664658Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-03-03\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-4681\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-03-03T00:00:00.000Z\", \"value\": \"CVE-2012-4681 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-4681\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-284\", \"description\": \"CWE-284 Improper Access Control\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-10T20:02:32.731Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2012-08-26T00:00:00.000Z\", \"references\": [{\"url\": \"http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html\", \"name\": \"SUSE-SU-2012:1398\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html\", \"name\": \"SUSE-SU-2012:1231\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA12-240A.html\", \"name\": \"TA12-240A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\"]}, {\"url\": \"http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2\", \"name\": \"SSRT100970\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-1225.html\", \"name\": \"RHSA-2012:1225\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://secunia.com/advisories/51044\", \"name\": \"51044\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2\", \"name\": \"HPSBUX02824\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.securityfocus.com/bid/55213\", \"name\": \"55213\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using \\\"reflection with a trusted immediate caller\\\" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2017-08-04T09:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html\", \"name\": \"http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html\", \"name\": \"SUSE-SU-2012:1398\", \"refsource\": \"SUSE\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html\", \"name\": \"SUSE-SU-2012:1231\", \"refsource\": \"SUSE\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA12-240A.html\", \"name\": \"TA12-240A\", \"refsource\": \"CERT\"}, {\"url\": \"http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/\", \"name\": \"http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wild/\", \"refsource\": \"MISC\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2\", \"name\": \"SSRT100970\", \"refsource\": \"HP\"}, {\"url\": \"https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day\", \"name\": \"https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-the-week-with-a-new-java-0day\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html\", \"name\": \"http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html\", \"name\": \"http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2012-1225.html\", \"name\": \"RHSA-2012:1225\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html\", \"name\": \"http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://secunia.com/advisories/51044\", \"name\": \"51044\", \"refsource\": \"SECUNIA\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=135109152819176\u0026w=2\", \"name\": \"HPSBUX02824\", \"refsource\": \"HP\"}, {\"url\": \"http://www.securityfocus.com/bid/55213\", \"name\": \"55213\", \"refsource\": \"BID\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using \\\"reflection with a trusted immediate caller\\\" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2012-4681\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"cve@mitre.org\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2012-4681\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-22T00:05:46.560Z\", \"dateReserved\": \"2012-08-27T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2012-08-28T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…