CVE-2012-1682

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. NOTE: Oracle has not commented on claims from a downstream vendor that this issue is related to "XMLDecoder security issue via ClassFinder."

Published: Aug 31, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-1682
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
oracle / jdk	-	1.7.0.x
oracle / jdk	1.7.0-update5	1.7.0-update5.x
oracle / jre	1.7.0-update3	1.7.0-update3.x
oracle / jdk	1.7.0-update2	1.7.0-update2.x
oracle / jdk	1.7.0	1.7.0.x
oracle / jre	-	1.7.0.x
oracle / jre	1.7.0-update2	1.7.0-update2.x
oracle / jdk	1.7.0-update3	1.7.0-update3.x
oracle / jre	1.7.0-update5	1.7.0-update5.x
oracle / jre	1.7.0-update4	1.7.0-update4.x
oracle / jre	1.7.0	1.7.0.x
oracle / jdk	1.7.0-update1	1.7.0-update1.x
oracle / jdk	1.7.0-update4	1.7.0-update4.x
oracle / jre	1.7.0-update1	1.7.0-update1.x

Vulnerability Database

CVE-2012-1682

Deep Security Visibility Without the Complexity