How severe is CVE-2012-0507?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2012-0507?

This is classified as CWE-843, which is a common weakness in software security.

CVE-2012-0507 - CRITICAL Severity | CVSS 9.8

Vulnerability Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.

Related Vulnerabilities

CVE-2016-1000005

CRITICAL

CVSS:9.8(Critical)

mcrypt_get_block_size did not enforce that the provided "module" parameter was a string, leading to type confusion if other types of data were passed in. This issue affects HHVM versions prior to 3.9....

CWE-8432016

CVE-2018-9471

CRITICAL

CVSS:9.8(Critical)

In the deserialization constructor of NanoAppFilter.java, there is a possible loss of data due to type confusion. This could lead to local escalation of privilege in the system server with no addition...

CWE-8432018

CVE-2019-10231

CRITICAL

CVSS:9.8(Critical)

Teclib GLPI before 9.4.1.1 is affected by a PHP type juggling vulnerability allowing bypass of authentication. This occurs in Auth::checkPassword() (inc/auth.class.php).

CWE-8432019

CVE-2019-14537

CRITICAL

CVSS:9.8(Critical)

YOURLS through 1.7.3 is affected by a type juggling vulnerability in the api component that can result in login bypass.

CWE-8432019

CVE-2019-20571

CRITICAL

CVSS:9.8(Critical)

An issue was discovered on Samsung mobile devices with O(8.x) (with TEEGRIS) software. There is type confusion in the WVDRM Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14...

CWE-8432019

CVE-2019-20583

CRITICAL

CVSS:9.8(Critical)

An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the EXT_FR Trustlet, leading to arbitrary code execution. The Samsung ID is...

CWE-8432019