CVE-2012-5076

unknown KEV

Published 2022-03-28 · Modified 2022-03-28

CVSS v3

—

CVSS v2

—

VIR risk

1.5

Description

The default Java security properties configuration did not restrict access to the com.sun.org.glassfish.external and com.sun.org.glassfish.gmbal packages. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.

CISA KEV

Vendor: Oracle
Product: Java SE
Due date: 2022-04-18

Predictions

Exploit likelihood

99%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cisa-kev — https://nvd.nist.gov/vuln/detail/CVE-2012-5076

Exploits

References

https://nvd.nist.gov/vuln/detail/CVE-2012-5076

Verify integrity in audit chain (admin only). AS-IS.