CVE-2012-5076 - Oracle Java SE Sandbox Bypass Vulnerability
Project:Oracle
Product:Java SE
Date Added:2022-03-28Due Date:2022-04-18
Vulnerability Name
Oracle Java SE Sandbox Bypass Vulnerability
Description
The default Java security properties configuration did not restrict access to the com.sun.org.glassfish.external and com.sun.org.glassfish.gmbal packages. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2012-5076