CVE-2012-4823high
Description
Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to "insecure use of the java.lang.ClassLoder defineClass() method."
References
http://rhn.redhat.com/errata/RHSA-2012-1466.html
http://rhn.redhat.com/errata/RHSA-2012-1467.html
http://rhn.redhat.com/errata/RHSA-2013-1455.html
http://rhn.redhat.com/errata/RHSA-2013-1456.html
http://seclists.org/bugtraq/2012/Sep/38
http://secunia.com/advisories/51326
http://secunia.com/advisories/51327
http://secunia.com/advisories/51634
http://www.securityfocus.com/bid/55495
http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687
http://www-01.ibm.com/support/docview.wss?uid=swg21615705
http://www-01.ibm.com/support/docview.wss?uid=swg21615800
http://www-01.ibm.com/support/docview.wss?uid=swg21616490
http://www-01.ibm.com/support/docview.wss?uid=swg21616594
http://www-01.ibm.com/support/docview.wss?uid=swg21616616
http://www-01.ibm.com/support/docview.wss?uid=swg21616617
http://www-01.ibm.com/support/docview.wss?uid=swg21616652
http://www-01.ibm.com/support/docview.wss?uid=swg21616708
http://www-01.ibm.com/support/docview.wss?uid=swg21621154
Details
Source: MITRE
Published: 2013-01-11
Updated: 2019-07-18
Type: NVD-CWE-noinfo
Risk Information
CVSS v2
Base Score: 9.3
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Impact Score: 10
Exploitability Score: 8.6
Severity: HIGH