CVE-2012-1723

Confirmed PUBLISHED

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5...

Oracle · Java SE
Exploited in the wild Used in malware PoC available

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
9.8 Critical

At a Glance

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

metasploit cisa malware java ransomware
CVE Published
Jun 16, 2012
Exploitation Reported
Mar 03, 2022
CVSS
9.8 Critical
EPSS
Remote Low complexity No user interaction Unauthenticated

Affected Versions

Vendor Product Version Status
n/a
n/a

n/a

Affected

CVE References

  • GLSA-201406-32 security.gentoo.org · Vendor Advisory http://security.gentoo.org/glsa/glsa-201406-32.xml
  • RHSA-2012:0734 rhn.redhat.com · Vendor Advisory http://rhn.redhat.com/errata/RHSA-2012-0734.html
  • SSRT100919 marc.info · Vendor Advisory http://marc.info/?l=bugtraq&m=134496371727681&w=2
  • MDVSA-2012:095 mandriva.com · Vendor Advisory http://www.mandriva.com/security/advisories?name=MDVSA-2012:095
  • 51080 secunia.com · Third-Party Advisory http://secunia.com/advisories/51080
Show 5 more references

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.