Show plain JSON{"id": "CVE-2012-5074", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-10-16T21:55:01.977", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html", "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2012-1386.html", "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2012-1391.html", "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/51029", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/51326", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/51390", "source": "secalert_us@oracle.com"}, {"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/56056", "source": "secalert_us@oracle.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79426", "source": "secalert_us@oracle.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16668", "source": "secalert_us@oracle.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2012-1386.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2012-1391.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/51029", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/51326", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/51390", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/56056", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79426", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16668", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality and integrity, related to JAX-WS."}, {"lang": "es", "value": "Una vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v7 Update 7 y versiones anteriores permite a atacantes remotos afectar la confidencialidad y la integridad. Se trata de un problema relacionado con JAX-WS.\r\n"}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:jdk:*:update7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ADD9674C-3207-4D8D-A9C3-2EA53E33532B", "versionEndIncluding": "1.7.0"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E44FC8AF-F76F-4A8E-8D03-4F8BCA8CB031"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF"}, {"criteria": "cpe:2.3:a:oracle:jre:*:update7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9DC59C00-DFD8-404D-82C6-751C470D7B66", "versionEndIncluding": "1.7.0"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C27372B-A091-46D5-AE39-A44BBB1D9EE2"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0"}], "operator": "OR"}]}], "evaluatorImpact": "Per: http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html\r\n\r\n\"Applies to client deployment of Java only. This vulnerability can be exploited only through untrusted Java Web Start applications and untrusted Java applets. (Untrusted Java Web Start applications and untrusted applets run in the Java sandbox with limited privileges.)\"", "sourceIdentifier": "secalert_us@oracle.com"}