CVE-2012-4681 — CRITICAL (9.8)

Vulnerability Description

Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Oracle	Jdk	1.6.0
Oracle	Jre	1.6.0
Redhat	Enterprise Linux Desktop	6.0
Redhat	Enterprise Linux Eus	6.3
Redhat	Enterprise Linux Server	6.0
Redhat	Enterprise Linux Workstation	6.0

Related Weaknesses (CWE)

CWE-284

References

http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.htmlThird Party Advisory
http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.htExploitThird Party Advisory
http://labs.alienvault.com/labs/index.php/2012/new-java-0day-exploited-in-the-wiBroken LinkExploit
http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.htmlMailing List
http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.htmlMailing List
http://marc.info/?l=bugtraq&m=135109152819176&w=2Issue TrackingMailing ListThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1225.htmlThird Party Advisory
http://secunia.com/advisories/51044Not Applicable
http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.htmlBroken LinkThird Party Advisory
http://www.oracle.com/technetwork/topics/security/alert-cve-2012-4681-1835715.htVendor Advisory
http://www.securityfocus.com/bid/55213Broken LinkThird Party AdvisoryVDB Entry
http://www.us-cert.gov/cas/techalerts/TA12-240A.htmlThird Party AdvisoryUS Government Resource
https://community.rapid7.com/community/metasploit/blog/2012/08/27/lets-start-theBroken LinkThird Party Advisory
http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.htmlThird Party Advisory
http://immunityproducts.blogspot.com/2012/08/java-0day-analysis-cve-2012-4681.htExploitThird Party Advisory

FAQ

What is CVE-2012-4681?

CVE-2012-4681 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses Se...

How severe is CVE-2012-4681?

CVE-2012-4681 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2012-4681?

Check the references section above for vendor advisories and patch information. Affected products include: Oracle Jdk, Oracle Jre, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Eus, Redhat Enterprise Linux Server.