9.3

CVE-2012-4820

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to "insecure use of the java.lang.reflect.Method invoke() method."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmJava Version >= 1.4.2 <= 1.4.2.13.13
IbmJava Version >= 5.0.0.0 <= 5.0.14.0
IbmJava Version >= 6.0.0.0 <= 6.0.11.0
IbmJava Version >= 7.0.0.0 <= 7.0.2.0
IbmLotus Domino Version8.0
IbmLotus Domino Version8.0.1
IbmLotus Domino Version8.0.2
IbmLotus Domino Version8.0.2.1
IbmLotus Domino Version8.0.2.2
IbmLotus Domino Version8.0.2.3
IbmLotus Domino Version8.0.2.4
IbmLotus Domino Version8.5.0
IbmLotus Domino Version8.5.0.1
IbmLotus Domino Version8.5.1
IbmLotus Domino Version8.5.1.1
IbmLotus Domino Version8.5.1.2
IbmLotus Domino Version8.5.1.3
IbmLotus Domino Version8.5.1.4
IbmLotus Domino Version8.5.1.5
IbmLotus Domino Version8.5.2.0
IbmLotus Domino Version8.5.2.1
IbmLotus Domino Version8.5.2.2
IbmLotus Domino Version8.5.2.3
IbmLotus Domino Version8.5.2.4
IbmLotus Domino Version8.5.3.0
IbmLotus Domino Version8.5.3.1
IbmLotus Domino Version8.5.3.2
IbmLotus Notes Version8.0
IbmLotus Notes Version8.0.0
IbmLotus Notes Version8.0.1
IbmLotus Notes Version8.0.2
IbmLotus Notes Version8.0.2.0
IbmLotus Notes Version8.0.2.1
IbmLotus Notes Version8.0.2.2
IbmLotus Notes Version8.0.2.3
IbmLotus Notes Version8.0.2.4
IbmLotus Notes Version8.0.2.5
IbmLotus Notes Version8.0.2.6
IbmLotus Notes Version8.5
IbmLotus Notes Version8.5.0.0
IbmLotus Notes Version8.5.0.1
IbmLotus Notes Version8.5.1
IbmLotus Notes Version8.5.1.0
IbmLotus Notes Version8.5.1.1
IbmLotus Notes Version8.5.1.2
IbmLotus Notes Version8.5.1.3
IbmLotus Notes Version8.5.1.4
IbmLotus Notes Version8.5.1.5
IbmLotus Notes Version8.5.2.0
IbmLotus Notes Version8.5.2.1
IbmLotus Notes Version8.5.2.2
IbmLotus Notes Version8.5.2.3
IbmLotus Notes Version8.5.3
IbmLotus Notes Version8.5.3.1
IbmLotus Notes Version8.5.3.2
IbmLotus Notes Version8.5.4
IbmLotus Notes Sametime Version8.0.80407
IbmLotus Notes Sametime Version8.0.80822
IbmLotus Notes Sametime Version8.5.1.20100709-1631 SwEditionadvanced_embedded
IbmLotus Notes Traveler Version8.0
IbmLotus Notes Traveler Version8.0.1
IbmLotus Notes Traveler Version8.0.1.2
IbmLotus Notes Traveler Version8.0.1.3
IbmLotus Notes Traveler Version8.5.0.0
IbmLotus Notes Traveler Version8.5.0.1
IbmLotus Notes Traveler Version8.5.0.2
IbmLotus Notes Traveler Version8.5.1.1
IbmLotus Notes Traveler Version8.5.1.2
IbmLotus Notes Traveler Version8.5.1.3
IbmLotus Notes Traveler Version8.5.2.1
IbmLotus Notes Traveler Version8.5.3
IbmLotus Notes Traveler Version8.5.3.1
IbmLotus Notes Traveler Version8.5.3.2
IbmLotus Notes Traveler Version8.5.3.3
IbmLotus Notes Traveler Version8.5.3.3 Updateinterim_fix_1
IbmRational Change Version4.7
IbmRational Change Version5.1
IbmRational Change Version5.2
IbmRational Change Version5.3
IbmRational Host On-demand Version1.6.0.12
IbmRational Host On-demand Version8.0.8.0
IbmRational Host On-demand Version9.0.8.0
IbmRational Host On-demand Version10.0.9.0
IbmRational Host On-demand Version10.0.10.0
IbmRational Host On-demand Version11.0.3.0
IbmRational Host On-demand Version11.0.4.0
IbmRational Host On-demand Version11.0.5.0
IbmRational Host On-demand Version11.0.5.1
IbmRational Host On-demand Version11.0.6.0
IbmRational Host On-demand Version11.0.6.1
IbmService Delivery Manager Version7.2.1.0
IbmService Delivery Manager Version7.2.2.0
IbmTivoli Monitoring Version6.1.0
IbmTivoli Monitoring Version6.1.0.7
IbmTivoli Monitoring Version6.2.0
IbmTivoli Monitoring Version6.2.0.1
IbmTivoli Monitoring Version6.2.0.2
IbmTivoli Monitoring Version6.2.0.3
IbmTivoli Monitoring Version6.2.1
IbmTivoli Monitoring Version6.2.1.0
IbmTivoli Monitoring Version6.2.1.1
IbmTivoli Monitoring Version6.2.1.2
IbmTivoli Monitoring Version6.2.1.3
IbmTivoli Monitoring Version6.2.1.4
IbmTivoli Monitoring Version6.2.2
IbmTivoli Monitoring Version6.2.2.0
IbmTivoli Monitoring Version6.2.2.1
IbmTivoli Monitoring Version6.2.2.2
IbmTivoli Monitoring Version6.2.2.3
IbmTivoli Monitoring Version6.2.2.4
IbmTivoli Monitoring Version6.2.2.5
IbmTivoli Monitoring Version6.2.2.6
IbmTivoli Monitoring Version6.2.2.7
IbmTivoli Monitoring Version6.2.2.8
IbmTivoli Monitoring Version6.2.2.9
IbmTivoli Monitoring Version6.2.3
IbmTivoli Monitoring Version6.2.3.0
IbmTivoli Monitoring Version6.2.3.1
IbmTivoli Monitoring Version6.2.3.2
IbmTivoli Remote Control Version5.1.2
IbmWebsphere Real Time Version2.0
IbmWebsphere Real Time Version3.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.09% 0.913
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://rhn.redhat.com/errata/RHSA-2013-1455.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2013-1456.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1467.html
Third Party Advisory
http://secunia.com/advisories/51326
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1466.html
Third Party Advisory
http://secunia.com/advisories/51327
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1465.html
Third Party Advisory
http://secunia.com/advisories/51328
Third Party Advisory
http://secunia.com/advisories/51393
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616490
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21621154
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21631786
Vendor Advisory
http://seclists.org/bugtraq/2012/Sep/38
Third Party Advisory
Mailing List
http://secunia.com/advisories/51634
Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21615705
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21615800
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616594
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616616
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616617
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616652
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616708
Vendor Advisory
http://www.securityfocus.com/bid/55495
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/78764
Third Party Advisory
VDB Entry
https://www-304.ibm.com/support/docview.wss?uid=swg21616546
Vendor Advisory