Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-4976-tmay-nuba
Vulnerability ID VCID-4976-tmay-nuba
Aliases CVE-2012-0507
Summary OpenJDK: AtomicReferenceArray insufficient array type check (Concurrency, 7082299)
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
cvssv3.1 9.8 http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx
ssvc Act http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx
cvssv3.1 9.8 http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/
ssvc Act http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/
cvssv3.1 9.8 http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html
ssvc Act http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html
cvssv3.1 9.8 http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html
ssvc Act http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html
cvssv3.1 9.8 http://marc.info/?l=bugtraq&m=133364885411663&w=2
ssvc Act http://marc.info/?l=bugtraq&m=133364885411663&w=2
cvssv3.1 9.8 http://marc.info/?l=bugtraq&m=133365109612558&w=2
ssvc Act http://marc.info/?l=bugtraq&m=133365109612558&w=2
cvssv3.1 9.8 http://marc.info/?l=bugtraq&m=133847939902305&w=2
ssvc Act http://marc.info/?l=bugtraq&m=133847939902305&w=2
cvssv3.1 9.8 http://marc.info/?l=bugtraq&m=134254866602253&w=2
ssvc Act http://marc.info/?l=bugtraq&m=134254866602253&w=2
cvssv3.1 9.8 http://marc.info/?l=bugtraq&m=134254957702612&w=2
ssvc Act http://marc.info/?l=bugtraq&m=134254957702612&w=2
cvssv3.1 9.8 http://rhn.redhat.com/errata/RHSA-2012-0508.html
ssvc Act http://rhn.redhat.com/errata/RHSA-2012-0508.html
cvssv3.1 9.8 http://rhn.redhat.com/errata/RHSA-2012-0514.html
ssvc Act http://rhn.redhat.com/errata/RHSA-2012-0514.html
cvssv3.1 9.8 http://rhn.redhat.com/errata/RHSA-2013-1455.html
ssvc Act http://rhn.redhat.com/errata/RHSA-2013-1455.html
epss 0.9358 https://api.first.org/data/v1/epss?cve=CVE-2012-0507
cvssv3.1 9.8 https://bugzilla.redhat.com/show_bug.cgi?id=788994
ssvc Act https://bugzilla.redhat.com/show_bug.cgi?id=788994
cvssv3.1 9.8 http://secunia.com/advisories/48589
ssvc Act http://secunia.com/advisories/48589
cvssv3.1 9.8 http://secunia.com/advisories/48692
ssvc Act http://secunia.com/advisories/48692
cvssv3.1 9.8 http://secunia.com/advisories/48915
ssvc Act http://secunia.com/advisories/48915
cvssv3.1 9.8 http://secunia.com/advisories/48948
ssvc Act http://secunia.com/advisories/48948
cvssv3.1 9.8 http://secunia.com/advisories/48950
ssvc Act http://secunia.com/advisories/48950
cvssv3.1 9.8 http://weblog.ikvm.net/PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3
ssvc Act http://weblog.ikvm.net/PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3
cvssv3.1 9.8 http://www.debian.org/security/2012/dsa-2420
ssvc Act http://www.debian.org/security/2012/dsa-2420
cvssv3.1 9.8 http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html
ssvc Act http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html
cvssv3.1 9.8 http://www.securityfocus.com/bid/52161
ssvc Act http://www.securityfocus.com/bid/52161
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0507.json
https://api.first.org/data/v1/epss?cve=CVE-2012-0507
48589 http://secunia.com/advisories/48589
48692 http://secunia.com/advisories/48692
48915 http://secunia.com/advisories/48915
48948 http://secunia.com/advisories/48948
48950 http://secunia.com/advisories/48950
52161 http://www.securityfocus.com/bid/52161
788994 https://bugzilla.redhat.com/show_bug.cgi?id=788994
an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx
dsa-2420 http://www.debian.org/security/2012/dsa-2420
GLSA-201401-30 https://security.gentoo.org/glsa/201401-30
javacpufeb2012-366318.html http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html
?l=bugtraq&m=133364885411663&w=2 http://marc.info/?l=bugtraq&m=133364885411663&w=2
?l=bugtraq&m=133365109612558&w=2 http://marc.info/?l=bugtraq&m=133365109612558&w=2
?l=bugtraq&m=133847939902305&w=2 http://marc.info/?l=bugtraq&m=133847939902305&w=2
msg00009.html http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html
msg00010.html http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html
new-java-attack-rolled-into-exploit-packs http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/
PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3 http://weblog.ikvm.net/PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3
RHSA-2012:0135 https://access.redhat.com/errata/RHSA-2012:0135
RHSA-2012:0139 https://access.redhat.com/errata/RHSA-2012:0139
RHSA-2012:0322 https://access.redhat.com/errata/RHSA-2012:0322
RHSA-2012:0508 https://access.redhat.com/errata/RHSA-2012:0508
RHSA-2012-0508.html http://rhn.redhat.com/errata/RHSA-2012-0508.html
RHSA-2012:0514 https://access.redhat.com/errata/RHSA-2012:0514
RHSA-2012-0514.html http://rhn.redhat.com/errata/RHSA-2012-0514.html
RHSA-2013:1455 https://access.redhat.com/errata/RHSA-2013:1455
RHSA-2013-1455.html http://rhn.redhat.com/errata/RHSA-2013-1455.html
USN-1373-1 https://usn.ubuntu.com/1373-1/
USN-1373-2 https://usn.ubuntu.com/1373-2/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://marc.info/?l=bugtraq&m=133364885411663&w=2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://marc.info/?l=bugtraq&m=133364885411663&w=2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://marc.info/?l=bugtraq&m=133365109612558&w=2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://marc.info/?l=bugtraq&m=133365109612558&w=2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://marc.info/?l=bugtraq&m=133847939902305&w=2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://marc.info/?l=bugtraq&m=133847939902305&w=2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://marc.info/?l=bugtraq&m=134254866602253&w=2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://marc.info/?l=bugtraq&m=134254866602253&w=2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://marc.info/?l=bugtraq&m=134254957702612&w=2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://marc.info/?l=bugtraq&m=134254957702612&w=2
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://rhn.redhat.com/errata/RHSA-2012-0508.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://rhn.redhat.com/errata/RHSA-2012-0508.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://rhn.redhat.com/errata/RHSA-2012-0514.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://rhn.redhat.com/errata/RHSA-2012-0514.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://rhn.redhat.com/errata/RHSA-2013-1455.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://rhn.redhat.com/errata/RHSA-2013-1455.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://bugzilla.redhat.com/show_bug.cgi?id=788994
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at https://bugzilla.redhat.com/show_bug.cgi?id=788994
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://secunia.com/advisories/48589
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://secunia.com/advisories/48589
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://secunia.com/advisories/48692
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://secunia.com/advisories/48692
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://secunia.com/advisories/48915
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://secunia.com/advisories/48915
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://secunia.com/advisories/48948
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://secunia.com/advisories/48948
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://secunia.com/advisories/48950
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://secunia.com/advisories/48950
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://weblog.ikvm.net/PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://weblog.ikvm.net/PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.debian.org/security/2012/dsa-2420
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://www.debian.org/security/2012/dsa-2420
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.securityfocus.com/bid/52161
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-10T19:54:57Z/ Found at http://www.securityfocus.com/bid/52161
Exploit Prediction Scoring System (EPSS)
Percentile 0.99841
EPSS Score 0.9358
Published At May 29, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-29T10:13:11.654051+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0507.json 38.6.0