CVE-2012-4821
First published: Fri Jan 11 2013(Updated: )
Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via "insecure use" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM JDK | >=1.4.2<=1.4.2.13.13 | |
| IBM JDK | >=5.0.0.0<=5.0.14.0 | |
| IBM JDK | >=6.0.0.0<=6.0.11.0 | |
| IBM JDK | >=7.0.0.0<=7.0.2.0 | |
| IBM Lotus Domino | =8.0 | |
| IBM Lotus Domino | =8.0.1 | |
| IBM Lotus Domino | =8.0.2 | |
| IBM Lotus Domino | =8.0.2.1 | |
| IBM Lotus Domino | =8.0.2.2 | |
| IBM Lotus Domino | =8.0.2.3 | |
| IBM Lotus Domino | =8.0.2.4 | |
| IBM Lotus Domino | =8.5.0 | |
| IBM Lotus Domino | =8.5.0.1 | |
| IBM Lotus Domino | =8.5.1 | |
| IBM Lotus Domino | =8.5.1.1 | |
| IBM Lotus Domino | =8.5.1.2 | |
| IBM Lotus Domino | =8.5.1.3 | |
| IBM Lotus Domino | =8.5.1.4 | |
| IBM Lotus Domino | =8.5.1.5 | |
| IBM Lotus Domino | =8.5.2.0 | |
| IBM Lotus Domino | =8.5.2.1 | |
| IBM Lotus Domino | =8.5.2.2 | |
| IBM Lotus Domino | =8.5.2.3 | |
| IBM Lotus Domino | =8.5.2.4 | |
| IBM Lotus Domino | =8.5.3.0 | |
| IBM Lotus Domino | =8.5.3.1 | |
| IBM Lotus Domino | =8.5.3.2 | |
| IBM Notes | =8.0 | |
| IBM Notes | =8.0.0 | |
| IBM Notes | =8.0.1 | |
| IBM Notes | =8.0.2 | |
| IBM Notes | =8.0.2.0 | |
| IBM Notes | =8.0.2.1 | |
| IBM Notes | =8.0.2.2 | |
| IBM Notes | =8.0.2.3 | |
| IBM Notes | =8.0.2.4 | |
| IBM Notes | =8.0.2.5 | |
| IBM Notes | =8.0.2.6 | |
| IBM Notes | =8.5 | |
| IBM Notes | =8.5.0.0 | |
| IBM Notes | =8.5.0.1 | |
| IBM Notes | =8.5.1 | |
| IBM Notes | =8.5.1.0 | |
| IBM Notes | =8.5.1.1 | |
| IBM Notes | =8.5.1.2 | |
| IBM Notes | =8.5.1.3 | |
| IBM Notes | =8.5.1.4 | |
| IBM Notes | =8.5.1.5 | |
| IBM Notes | =8.5.2.0 | |
| IBM Notes | =8.5.2.1 | |
| IBM Notes | =8.5.2.2 | |
| IBM Notes | =8.5.2.3 | |
| IBM Notes | =8.5.3 | |
| IBM Notes | =8.5.3.1 | |
| IBM Notes | =8.5.3.2 | |
| IBM Notes | =8.5.4 | |
| IBM Sametime | =8.0.80407 | |
| IBM Sametime | =8.0.80822 | |
| IBM Sametime | =8.5.1.20100709-1631 | |
| IBM Lotus Notes Intellisync | =8.0 | |
| IBM Lotus Notes Intellisync | =8.0.1 | |
| IBM Lotus Notes Intellisync | =8.0.1.2 | |
| IBM Lotus Notes Intellisync | =8.0.1.3 | |
| IBM Lotus Notes Intellisync | =8.5.0.0 | |
| IBM Lotus Notes Intellisync | =8.5.0.1 | |
| IBM Lotus Notes Intellisync | =8.5.0.2 | |
| IBM Lotus Notes Intellisync | =8.5.1.1 | |
| IBM Lotus Notes Intellisync | =8.5.1.2 | |
| IBM Lotus Notes Intellisync | =8.5.1.3 | |
| IBM Lotus Notes Intellisync | =8.5.2.1 | |
| IBM Lotus Notes Intellisync | =8.5.3 | |
| IBM Lotus Notes Intellisync | =8.5.3.1 | |
| IBM Lotus Notes Intellisync | =8.5.3.2 | |
| IBM Lotus Notes Intellisync | =8.5.3.3 | |
| IBM Lotus Notes Intellisync | =8.5.3.3-interim_fix_1 | |
| IBM Rational Change | =4.7 | |
| IBM Rational Change | =5.1 | |
| IBM Rational Change | =5.2 | |
| IBM Rational Change | =5.3 | |
| IBM Rational Host On-Demand | =1.6.0.12 | |
| IBM Rational Host On-Demand | =8.0.8.0 | |
| IBM Rational Host On-Demand | =9.0.8.0 | |
| IBM Rational Host On-Demand | =10.0.9.0 | |
| IBM Rational Host On-Demand | =10.0.10.0 | |
| IBM Rational Host On-Demand | =11.0.3.0 | |
| IBM Rational Host On-Demand | =11.0.4.0 | |
| IBM Rational Host On-Demand | =11.0.5.0 | |
| IBM Rational Host On-Demand | =11.0.5.1 | |
| IBM Rational Host On-Demand | =11.0.6.0 | |
| IBM Rational Host On-Demand | =11.0.6.1 | |
| IBM Service Delivery Manager | =7.2.1.0 | |
| IBM Service Delivery Manager | =7.2.2.0 | |
| IBM Smart Analytics System 5600 | ||
| IBM Smart Analytics System 5600 | =9.7 | |
| IBM Tivoli Monitoring | =6.1.0 | |
| IBM Tivoli Monitoring | =6.1.0.7 | |
| IBM Tivoli Monitoring | =6.2.0 | |
| IBM Tivoli Monitoring | =6.2.0.1 | |
| IBM Tivoli Monitoring | =6.2.0.2 | |
| IBM Tivoli Monitoring | =6.2.0.3 | |
| IBM Tivoli Monitoring | =6.2.1 | |
| IBM Tivoli Monitoring | =6.2.1.0 | |
| IBM Tivoli Monitoring | =6.2.1.1 | |
| IBM Tivoli Monitoring | =6.2.1.2 | |
| IBM Tivoli Monitoring | =6.2.1.3 | |
| IBM Tivoli Monitoring | =6.2.1.4 | |
| IBM Tivoli Monitoring | =6.2.2 | |
| IBM Tivoli Monitoring | =6.2.2.0 | |
| IBM Tivoli Monitoring | =6.2.2.1 | |
| IBM Tivoli Monitoring | =6.2.2.2 | |
| IBM Tivoli Monitoring | =6.2.2.3 | |
| IBM Tivoli Monitoring | =6.2.2.4 | |
| IBM Tivoli Monitoring | =6.2.2.5 | |
| IBM Tivoli Monitoring | =6.2.2.6 | |
| IBM Tivoli Monitoring | =6.2.2.7 | |
| IBM Tivoli Monitoring | =6.2.2.8 | |
| IBM Tivoli Monitoring | =6.2.2.9 | |
| IBM Tivoli Monitoring | =6.2.3 | |
| IBM Tivoli Monitoring | =6.2.3.0 | |
| IBM Tivoli Monitoring | =6.2.3.1 | |
| IBM Tivoli Monitoring | =6.2.3.2 | |
| IBM Tivoli Remote Control | =5.1.2 | |
| IBM WebSphere Real Time | =2.0 | |
| IBM WebSphere Real Time | =3.0 | |
| IBM Tivoli Storage Productivity Center | ||
| IBM Tivoli Storage Productivity Center | ||
| IBM Tivoli Storage Productivity Center | ||
| IBM Smart Analytics System 5600 Software | =7200 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://rhn.redhat.com/errata/RHSA-2012-1467.html
- http://seclists.org/bugtraq/2012/Sep/38
- http://secunia.com/advisories/51326
- http://secunia.com/advisories/51634
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659
- http://www-01.ibm.com/support/docview.wss?uid=swg21615705
- http://www-01.ibm.com/support/docview.wss?uid=swg21615800
- http://www-01.ibm.com/support/docview.wss?uid=swg21616490
- http://www-01.ibm.com/support/docview.wss?uid=swg21616594
- http://www-01.ibm.com/support/docview.wss?uid=swg21616616
- http://www-01.ibm.com/support/docview.wss?uid=swg21616617
- http://www-01.ibm.com/support/docview.wss?uid=swg21616652
- http://www-01.ibm.com/support/docview.wss?uid=swg21616708
- http://www-01.ibm.com/support/docview.wss?uid=swg21621154
- http://www.securityfocus.com/bid/55495
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78765
- https://www-304.ibm.com/support/docview.wss?uid=swg21616546
Frequently Asked Questions
What versions of IBM software are affected by CVE-2012-4821?
CVE-2012-4821 affects multiple versions of IBM Java, including 7 SR2 and earlier, 6.0.1 SR3 and earlier, 5 SR14 and earlier, and several IBM Lotus and Tivoli products.
Is there a patch available to resolve CVE-2012-4821?
Yes, IBM has released updates and patches to address the vulnerabilities associated with CVE-2012-4821.
What should I do if I suspect my system is affected by CVE-2012-4821?
You should immediately apply the latest security updates provided by IBM for the affected software versions to mitigate the risks.
What kind of vulnerabilities does CVE-2012-4821 encompass?
CVE-2012-4821 includes multiple unspecified vulnerabilities within the IBM Java Runtime Environment that could potentially lead to exploitation.
How can I verify if my Java installation is vulnerable to CVE-2012-4821?
You can check the version of your IBM Java installation against the affected versions listed for CVE-2012-4821 to determine if it is vulnerable.
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/author
- agent/references
- agent/description
- agent/severity
- agent/event
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm jdk
- version/ibm jdk/1.4.2
- version/ibm jdk/1.4.2.13.13
- version/ibm jdk/5.0.0.0
- version/ibm jdk/5.0.14.0
- version/ibm jdk/6.0.0.0
- version/ibm jdk/6.0.11.0
- version/ibm jdk/7.0.0.0
- version/ibm jdk/7.0.2.0
- canonical/ibm lotus domino
- version/ibm lotus domino/8.0
- version/ibm lotus domino/8.0.1
- version/ibm lotus domino/8.0.2
- version/ibm lotus domino/8.0.2.1
- version/ibm lotus domino/8.0.2.2
- version/ibm lotus domino/8.0.2.3
- version/ibm lotus domino/8.0.2.4
- version/ibm lotus domino/8.5.0
- version/ibm lotus domino/8.5.0.1
- version/ibm lotus domino/8.5.1
- version/ibm lotus domino/8.5.1.1
- version/ibm lotus domino/8.5.1.2
- version/ibm lotus domino/8.5.1.3
- version/ibm lotus domino/8.5.1.4
- version/ibm lotus domino/8.5.1.5
- version/ibm lotus domino/8.5.2.0
- version/ibm lotus domino/8.5.2.1
- version/ibm lotus domino/8.5.2.2
- version/ibm lotus domino/8.5.2.3
- version/ibm lotus domino/8.5.2.4
- version/ibm lotus domino/8.5.3.0
- version/ibm lotus domino/8.5.3.1
- version/ibm lotus domino/8.5.3.2
- canonical/ibm notes
- version/ibm notes/8.0
- version/ibm notes/8.0.0
- version/ibm notes/8.0.1
- version/ibm notes/8.0.2
- version/ibm notes/8.0.2.0
- version/ibm notes/8.0.2.1
- version/ibm notes/8.0.2.2
- version/ibm notes/8.0.2.3
- version/ibm notes/8.0.2.4
- version/ibm notes/8.0.2.5
- version/ibm notes/8.0.2.6
- version/ibm notes/8.5
- version/ibm notes/8.5.0.0
- version/ibm notes/8.5.0.1
- version/ibm notes/8.5.1
- version/ibm notes/8.5.1.0
- version/ibm notes/8.5.1.1
- version/ibm notes/8.5.1.2
- version/ibm notes/8.5.1.3
- version/ibm notes/8.5.1.4
- version/ibm notes/8.5.1.5
- version/ibm notes/8.5.2.0
- version/ibm notes/8.5.2.1
- version/ibm notes/8.5.2.2
- version/ibm notes/8.5.2.3
- version/ibm notes/8.5.3
- version/ibm notes/8.5.3.1
- version/ibm notes/8.5.3.2
- version/ibm notes/8.5.4
- canonical/ibm sametime
- version/ibm sametime/8.0.80407
- version/ibm sametime/8.0.80822
- version/ibm sametime/8.5.1.20100709-1631
- canonical/ibm lotus notes intellisync
- version/ibm lotus notes intellisync/8.0
- version/ibm lotus notes intellisync/8.0.1
- version/ibm lotus notes intellisync/8.0.1.2
- version/ibm lotus notes intellisync/8.0.1.3
- version/ibm lotus notes intellisync/8.5.0.0
- version/ibm lotus notes intellisync/8.5.0.1
- version/ibm lotus notes intellisync/8.5.0.2
- version/ibm lotus notes intellisync/8.5.1.1
- version/ibm lotus notes intellisync/8.5.1.2
- version/ibm lotus notes intellisync/8.5.1.3
- version/ibm lotus notes intellisync/8.5.2.1
- version/ibm lotus notes intellisync/8.5.3
- version/ibm lotus notes intellisync/8.5.3.1
- version/ibm lotus notes intellisync/8.5.3.2
- version/ibm lotus notes intellisync/8.5.3.3
- version/ibm lotus notes intellisync/8.5.3.3-interim_fix_1
- canonical/ibm rational change
- version/ibm rational change/4.7
- version/ibm rational change/5.1
- version/ibm rational change/5.2
- version/ibm rational change/5.3
- canonical/ibm rational host on-demand
- version/ibm rational host on-demand/1.6.0.12
- version/ibm rational host on-demand/8.0.8.0
- version/ibm rational host on-demand/9.0.8.0
- version/ibm rational host on-demand/10.0.9.0
- version/ibm rational host on-demand/10.0.10.0
- version/ibm rational host on-demand/11.0.3.0
- version/ibm rational host on-demand/11.0.4.0
- version/ibm rational host on-demand/11.0.5.0
- version/ibm rational host on-demand/11.0.5.1
- version/ibm rational host on-demand/11.0.6.0
- version/ibm rational host on-demand/11.0.6.1
- canonical/ibm service delivery manager
- version/ibm service delivery manager/7.2.1.0
- version/ibm service delivery manager/7.2.2.0
- canonical/ibm smart analytics system 5600
- version/ibm smart analytics system 5600/9.7
- canonical/ibm tivoli monitoring
- version/ibm tivoli monitoring/6.1.0
- version/ibm tivoli monitoring/6.1.0.7
- version/ibm tivoli monitoring/6.2.0
- version/ibm tivoli monitoring/6.2.0.1
- version/ibm tivoli monitoring/6.2.0.2
- version/ibm tivoli monitoring/6.2.0.3
- version/ibm tivoli monitoring/6.2.1
- version/ibm tivoli monitoring/6.2.1.0
- version/ibm tivoli monitoring/6.2.1.1
- version/ibm tivoli monitoring/6.2.1.2
- version/ibm tivoli monitoring/6.2.1.3
- version/ibm tivoli monitoring/6.2.1.4
- version/ibm tivoli monitoring/6.2.2
- version/ibm tivoli monitoring/6.2.2.0
- version/ibm tivoli monitoring/6.2.2.1
- version/ibm tivoli monitoring/6.2.2.2
- version/ibm tivoli monitoring/6.2.2.3
- version/ibm tivoli monitoring/6.2.2.4
- version/ibm tivoli monitoring/6.2.2.5
- version/ibm tivoli monitoring/6.2.2.6
- version/ibm tivoli monitoring/6.2.2.7
- version/ibm tivoli monitoring/6.2.2.8
- version/ibm tivoli monitoring/6.2.2.9
- version/ibm tivoli monitoring/6.2.3
- version/ibm tivoli monitoring/6.2.3.0
- version/ibm tivoli monitoring/6.2.3.1
- version/ibm tivoli monitoring/6.2.3.2
- canonical/ibm tivoli remote control
- version/ibm tivoli remote control/5.1.2
- canonical/ibm websphere real time
- version/ibm websphere real time/2.0
- version/ibm websphere real time/3.0
- vendor/tivoli storage productivity center
- canonical/ibm tivoli storage productivity center
- canonical/ibm smart analytics system 5600 software
- version/ibm smart analytics system 5600 software/7200