Privilege Escalation Vulnerability in IBM Java Runtime Environment
CVE-2012-4820

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Domino; 5.1.1; Lotus Notes; Lotus Notes Traveler
Vendor: CVE Published:; 11 January 2013

What is CVE-2012-4820?

An unspecified vulnerability in the Java Runtime Environment (JRE) component of IBM Java enables remote attackers to gain elevated privileges by manipulating the security manager, particularly through vulnerabilities in the java.lang.reflect.Method invoke() method. This flaw affects multiple versions of the JRE and several IBM products, highlighting significant security implications for systems relying on Java. Users are advised to review their Java environments and apply necessary patches to mitigate potential exploits.

References

http://rhn.redhat.com/errata/RHSA-2012-1466.html

vendor-advisoryx_refsource_REDHAT

http://www-01.ibm.com/support/docview.wss?uid=swg21616616

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg21616594

x_refsource_CONFIRM

EPSS Score

9% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 11, 2013
Vulnerability Reserved
Sep 6, 2012