CVE-2012-4821high
Description
Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via "insecure use" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods.
References
http://rhn.redhat.com/errata/RHSA-2012-1467.html
http://seclists.org/bugtraq/2012/Sep/38
http://secunia.com/advisories/51326
http://secunia.com/advisories/51634
http://www.securityfocus.com/bid/55495
http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659
http://www-01.ibm.com/support/docview.wss?uid=swg21615705
http://www-01.ibm.com/support/docview.wss?uid=swg21615800
http://www-01.ibm.com/support/docview.wss?uid=swg21616490
http://www-01.ibm.com/support/docview.wss?uid=swg21616594
http://www-01.ibm.com/support/docview.wss?uid=swg21616616
http://www-01.ibm.com/support/docview.wss?uid=swg21616617
http://www-01.ibm.com/support/docview.wss?uid=swg21616652
http://www-01.ibm.com/support/docview.wss?uid=swg21616708
http://www-01.ibm.com/support/docview.wss?uid=swg21621154
Details
Source: MITRE
Published: 2013-01-11
Updated: 2019-07-18
Type: NVD-CWE-noinfo
Risk Information
CVSS v2
Base Score: 9.3
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Impact Score: 10
Exploitability Score: 8.6
Severity: HIGH