HIGH🇬🇧 English

CVE-2012-4820

CVSS 9.3v2.0pub. 2013-01-11upd. 2026-04-29

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to "insecure use of the java.lang.reflect.Method invoke() method."

oryginał EN
CVSS Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
  • IBM Java

    APP
    Ibm
    1.4.2 – 1.4.2.13.135.0.0.0 – 5.0.14.06.0.0.0 – 6.0.11.07.0.0.0 – 7.0.2.0
  • IBM Lotus Domino

    APP
    Ibm
    8.08.0.18.0.28.0.2.18.0.2.28.0.2.38.0.2.48.5.08.5.0.18.5.18.5.1.18.5.1.28.5.1.38.5.1.48.5.1.5+ 8 więcej
  • IBM Lotus Notes

    APP
    Ibm
    8.08.0.08.0.18.0.28.0.2.08.0.2.18.0.2.28.0.2.38.0.2.48.0.2.58.0.2.68.58.5.0.08.5.0.18.5.1+ 14 więcej
  • IBM Lotus Notes Sametime

    APP
    Ibm
    8.0.804078.0.808228.5.1.20100709-1631
  • IBM Lotus Notes Traveler

    APP
    Ibm
    8.08.0.18.0.1.28.0.1.38.5.0.08.5.0.18.5.0.28.5.1.18.5.1.28.5.1.38.5.2.18.5.38.5.3.18.5.3.28.5.3.3
  • IBM Rational Change

    APP
    Ibm
    4.75.15.25.3
  • IBM Rational Host On Demand

    APP
    Ibm
    10.0.10.010.0.9.011.0.3.011.0.4.011.0.5.011.0.5.111.0.6.011.0.6.11.6.0.128.0.8.09.0.8.0
  • IBM Service Delivery Manager

    APP
    Ibm
    7.2.1.07.2.2.0
  • IBM Smart Analytics System 5600 Software

    APP
    Ibm
    9.7
  • IBM Tivoli Monitoring

    APP
    Ibm
    6.1.06.1.0.76.2.06.2.0.16.2.0.26.2.0.36.2.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2025-3357CRITICAL9.8PL ✓ten sam produkt

RCE w IBM Tivoli Monitoring — nieprawidłowa walidacja indeksu tablicy

CVE-2017-1789CRITICAL9.8ten sam produkt

IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 could allow an unauthenticated user to remotely execute code through ...

CVE-2015-7411CRITICAL9.9ten sam produkt

The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 through FP6 a...

CVE-2015-0192CRITICAL9.8ten sam produkt

Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6...

CVE-2025-3355HIGH7.5ten sam produkt

IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 21 could allow a remote attacker to traverse direct...