CVE - CVE-2012-4820

CVE-ID
CVE-2012-4820	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to "insecure use of the java.lang.reflect.Method invoke() method."
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
AIXAPAR:IV29654 URL:http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654 BID:55495 URL:http://www.securityfocus.com/bid/55495 BUGTRAQ:20120911 [SE-2012-01] Security vulnerabilities in IBM Java URL:http://seclists.org/bugtraq/2012/Sep/38 CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21615705 CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21615800 CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21616490 CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21616594 CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21616616 CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21616617 CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21616652 CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21616708 CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21621154 CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21631786 CONFIRM:https://www-304.ibm.com/support/docview.wss?uid=swg21616546 REDHAT:RHSA-2012:1465 URL:http://rhn.redhat.com/errata/RHSA-2012-1465.html REDHAT:RHSA-2012:1466 URL:http://rhn.redhat.com/errata/RHSA-2012-1466.html REDHAT:RHSA-2012:1467 URL:http://rhn.redhat.com/errata/RHSA-2012-1467.html REDHAT:RHSA-2013:1455 URL:http://rhn.redhat.com/errata/RHSA-2013-1455.html REDHAT:RHSA-2013:1456 URL:http://rhn.redhat.com/errata/RHSA-2013-1456.html SECUNIA:51326 URL:http://secunia.com/advisories/51326 SECUNIA:51327 URL:http://secunia.com/advisories/51327 SECUNIA:51328 URL:http://secunia.com/advisories/51328 SECUNIA:51393 URL:http://secunia.com/advisories/51393 SECUNIA:51634 URL:http://secunia.com/advisories/51634 XF:ibm-java-invoke-code-execution(78764) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/78764
Assigning CNA
IBM Corporation
Date Record Created
20120906	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20120906)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)