CVE-2012-4822

Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to "insecure use [of] multiple methods in the java.lang.class class."

公開: 2013-01-10 最後更新: 2026-06-16 指派方: [email protected] 來源: [email protected]

結論預警: CVE-2012-4822 綜合評估為中等風險(64.8/100):CVSS 技術影響為嚴重級,利用機率偏高(EPSS 6.93%,百分位 93%) 核心證據: EPSS 顯示該漏洞近期被利用的可能性處於高位。 強制指令: 被利用機率偏高—請盤點暴露面並優先安排修補。

風險隨態勢動態變化;本站持續評估並同步更新本頁展示內容。

CVE-2012-4822 的 EPSS(利用預測評分)

EPSS 日更估計相對被利用可能性;百分位表示該 CVE 在已評分漏洞中的相對排名(越高表示相對更嚴重)。

# 日期 舊 EPSS 分數 新 EPSS 分數 變化(新 − 舊)
1 2026-06-15 12.00% 6.93% -5.07%
2 2026-04-29 11.28% 12.00% +0.72%
3 2025-12-28 11.28%

完整 EPSS 歷史 (共 15 筆)

CVE-2012-4822 的 CVSS 指標

該 CVE 的 CVSS 指標。

底座分 版本 嚴重度 向量 可利用性 影響 分數來源
9.3 2.0 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C 點擊展開
存取路徑 (AV:N)
只要路由可達,即可從遠端發動利用。
存取複雜度 (AC:M)
需要若干有利條件,但不必「千年一遇」。
認證 (AU:N)
全程無需有效身分。
機密性影響 (C:C)
機密性被完全破壞。
完整性影響 (I:C)
完整性被完全破壞。
可用性影響 (A:C)
可用性被完全破壞。
8.6 10.0 [email protected]

CVE-2012-4822 的弱點列舉

CVE-2012-4822 的 OS 追蹤

vendor priority summary link
redhat high https://access.redhat.com/security/cve/CVE-2012-4822

CVE-2012-4822 的影響軟體 / 設定

廠商 產品 版本 原始 CPE
ibm java >= 1.4.2, <= 1.4.2.13.13 cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*
ibm java >= 5.0.0.0, <= 5.0.14.0 cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*
ibm java >= 6.0.0.0, <= 6.0.11.0 cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*
ibm java >= 7.0.0.0, <= 7.0.2.0 cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*
ibm lotus_domino 8.0 cpe:2.3:a:ibm:lotus_domino:8.0:*:*:*:*:*:*:*
ibm lotus_domino 8.0.1 cpe:2.3:a:ibm:lotus_domino:8.0.1:*:*:*:*:*:*:*
ibm lotus_domino 8.0.2 cpe:2.3:a:ibm:lotus_domino:8.0.2:*:*:*:*:*:*:*
ibm lotus_domino 8.0.2.1 cpe:2.3:a:ibm:lotus_domino:8.0.2.1:*:*:*:*:*:*:*
ibm lotus_domino 8.0.2.2 cpe:2.3:a:ibm:lotus_domino:8.0.2.2:*:*:*:*:*:*:*
ibm lotus_domino 8.0.2.3 cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*
ibm lotus_domino 8.0.2.4 cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*
ibm lotus_domino 8.5.0 cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*
ibm lotus_domino 8.5.0.1 cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*
ibm lotus_domino 8.5.1 cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*
ibm lotus_domino 8.5.1.1 cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*
ibm lotus_domino 8.5.1.2 cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*
ibm lotus_domino 8.5.1.3 cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*
ibm lotus_domino 8.5.1.4 cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*
ibm lotus_domino 8.5.1.5 cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*
ibm lotus_domino 8.5.2.0 cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*
ibm lotus_domino 8.5.2.1 cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*
ibm lotus_domino 8.5.2.2 cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*
ibm lotus_domino 8.5.2.3 cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*
ibm lotus_domino 8.5.2.4 cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*
ibm lotus_domino 8.5.3.0 cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*
ibm lotus_domino 8.5.3.1 cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*
ibm lotus_domino 8.5.3.2 cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*
ibm lotus_notes 8.0 cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*
ibm lotus_notes 8.0.0 cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*
ibm lotus_notes 8.0.1 cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*
ibm lotus_notes 8.0.2 cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*
ibm lotus_notes 8.0.2.0 cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*
ibm lotus_notes 8.0.2.1 cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*
ibm lotus_notes 8.0.2.2 cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*
ibm lotus_notes 8.0.2.3 cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*
ibm lotus_notes 8.0.2.4 cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*
ibm lotus_notes 8.0.2.5 cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*
ibm lotus_notes 8.0.2.6 cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*
ibm lotus_notes 8.5 cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*
ibm lotus_notes 8.5.0.0 cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*
ibm lotus_notes 8.5.0.1 cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*
ibm lotus_notes 8.5.1 cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*
ibm lotus_notes 8.5.1.0 cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*
ibm lotus_notes 8.5.1.1 cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*
ibm lotus_notes 8.5.1.2 cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*
ibm lotus_notes 8.5.1.3 cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*
ibm lotus_notes 8.5.1.4 cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*
ibm lotus_notes 8.5.1.5 cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*
ibm lotus_notes 8.5.2.0 cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*
ibm lotus_notes 8.5.2.1 cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*
ibm lotus_notes 8.5.2.2 cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*
ibm lotus_notes 8.5.2.3 cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*
ibm lotus_notes 8.5.3 cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*
ibm lotus_notes 8.5.3.1 cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*
ibm lotus_notes 8.5.3.2 cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*
ibm lotus_notes 8.5.4 cpe:2.3:a:ibm:lotus_notes:8.5.4:*:*:*:*:*:*:*
ibm lotus_notes_sametime 8.0.80407 cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80407:*:*:*:*:*:*:*
ibm lotus_notes_sametime 8.0.80822 cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80822:*:*:*:*:*:*:*
ibm lotus_notes_sametime 8.5.1.20100709-1631 cpe:2.3:a:ibm:lotus_notes_sametime:8.5.1.20100709-1631:*:*:*:advanced_embedded:*:*:*
ibm lotus_notes_traveler 8.0 cpe:2.3:a:ibm:lotus_notes_traveler:8.0:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.0.1 cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.0.1.2 cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.2:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.0.1.3 cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.3:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.0.0 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.0:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.0.1 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.1:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.0.2 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.2:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.1.1 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.1:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.1.2 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.2:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.1.3 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.3:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.2.1 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.2.1:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.3 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.3.1 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.1:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.3.2 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.2:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.3.3 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:*:*:*:*:*:*:*
ibm lotus_notes_traveler 8.5.3.3 cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:interim_fix_1:*:*:*:*:*:*
ibm rational_change 4.7 cpe:2.3:a:ibm:rational_change:4.7:*:*:*:*:*:*:*
ibm rational_change 5.1 cpe:2.3:a:ibm:rational_change:5.1:*:*:*:*:*:*:*
ibm rational_change 5.2 cpe:2.3:a:ibm:rational_change:5.2:*:*:*:*:*:*:*
ibm rational_change 5.3 cpe:2.3:a:ibm:rational_change:5.3:*:*:*:*:*:*:*
ibm rational_host_on-demand 1.6.0.12 cpe:2.3:a:ibm:rational_host_on-demand:1.6.0.12:*:*:*:*:*:*:*

CVE-2012-4822 的參考連結

URL 標籤
http://rhn.redhat.com/errata/RHSA-2012-1465.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1466.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2012-1467.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2013-1455.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2013-1456.html Third Party Advisory
http://seclists.org/bugtraq/2012/Sep/38 Mailing List Third Party Advisory
http://secunia.com/advisories/51326 Third Party Advisory
http://secunia.com/advisories/51327 Third Party Advisory
http://secunia.com/advisories/51328 Third Party Advisory
http://secunia.com/advisories/51393 Third Party Advisory
http://secunia.com/advisories/51634 Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21615705 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21615800 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616490 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616594 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616616 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616617 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616652 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21616708 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21621154 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21631786 Vendor Advisory
http://www.securityfocus.com/bid/55495 Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/78766 VDB Entry
https://www-304.ibm.com/support/docview.wss?uid=swg21616546 Vendor Advisory
cvelogic Threat Intelligence