CVE-2012-1723
critical-risk
Published 2012-06-16
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
Do I need to act?
!
94.1% chance of exploitation in next 30 days
EPSS score — higher than 6% of all CVEs
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
!
1 public exploit available
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10
Critical
NETWORK
/ LOW complexity
Affected Products (20)
References (21)
Mailing List
http://marc.info/?l=bugtraq&m=134496371727681&w=2
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0734.html
Broken Link
http://secunia.com/advisories/51080
Third Party Advisory
http://security.gentoo.org/glsa/glsa-201406-32.xml
Broken Link
http://www.securityfocus.com/bid/53960
Mailing List
http://marc.info/?l=bugtraq&m=134496371727681&w=2
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-0734.html
Broken Link
http://secunia.com/advisories/51080
Third Party Advisory
http://security.gentoo.org/glsa/glsa-201406-32.xml
Broken Link
http://www.securityfocus.com/bid/53960
and 1 more references
Get this data via API
curl -H "Authorization: Bearer YOUR_KEY" \
https://cyber.phasetransitions.ai/api/v1/cves/CVE-2012-1723
Free tier: 100 requests/day, no credit card.
98
/ 100
critical-risk
Severity
32/34 · Critical
Exploitability
34/34 · Critical
Exposure
32/34 · Critical