CVE-2012-5076

critical

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JAX-WS.

References

Advisories
More

http://security.gentoo.org/glsa/glsa-201406-32.xml

http://rhn.redhat.com/errata/RHSA-2012-1467.html

http://rhn.redhat.com/errata/RHSA-2012-1391.html

http://rhn.redhat.com/errata/RHSA-2012-1386.html

http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html

http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html

http://secunia.com/advisories/51390

http://secunia.com/advisories/51326

http://secunia.com/advisories/51029

Details

Source: Mitre, NVD

Published: 2012-10-16

Updated: 2025-04-11

Known Exploited Vulnerability (KEV)

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H