Home > Vulnerability Database > CVE-2012-4821

Mend.io Vulnerability Database

CVE-2012-4821

Date: January 10, 2013

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via "insecure use" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods.

Severity Score

8.1

Related Resources (20)

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21616594

Url: http://seclists.org/bugtraq/2012/Sep/38

Url: http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21616652

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21621154

Url: http://secunia.com/advisories/51634

Url: http://secunia.com/advisories/51326

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21615800

Url: https://nvd.nist.gov/vuln/detail/CVE-2012-4821

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21616616

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21616617

Url: http://www.securityfocus.com/bid/55495

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21615705

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21616708

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/78765

Url: https://www-304.ibm.com/support/docview.wss?uid=swg21616546

Url: https://access.redhat.com/security/cve/CVE-2012-4821

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21616490

Url: http://rhn.redhat.com/errata/RHSA-2012-1467.html

Url: https://www.mend.io/vulnerability-database/CVE-2012-4821

Severity Score

8.1

Weakness Type (CWE)

Insufficient Information

NVD-CWE-noinfo

CVSS v3.1

Base Score:	8.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	9.3
Access Vector (AV):	NETWORK
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2012-4821

Date: January 10, 2013

Severity Score

Related Resources (20)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?