Unspecified Vulnerabilities in IBM Java Affecting Multiple Products
CVE-2012-4821

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Domino; 5.1.1; Lotus Notes; Lotus Notes Traveler
Vendor: CVE Published:; 11 January 2013

Summary

The JRE component of IBM Java has multiple unspecified vulnerabilities that could allow remote attackers to execute arbitrary code. This issue arises from the insecure usage of the methods 'java.lang.Class.getDeclaredMethods()' and 'java.lang.reflect.AccessibleObject.setAccessible()'. Affected versions include IBM Java 5, 6, and 7 across several IBM products and other vendors, posing a significant risk to users who have not implemented adequate security measures.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21616616

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg21616594

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/78765

vdb-entryx_refsource_XF

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 11, 2013
Vulnerability Reserved
Sep 6, 2012