CVE-2012-4681

CRITICAL KEV RANSOMWARE

Java 7 Applet Remote Code Execution

Title source: metasploit

Description

Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.

Exploits (4)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotejava
https://www.exploit-db.com/exploits/20865
nomisec WORKING POC 1 stars
by benjholla · local
https://github.com/benjholla/CVE-2012-4681-Armoring
nomisec WORKING POC
by ZH3FENG · local
https://github.com/ZH3FENG/PoCs-CVE_2012_4681
metasploit WORKING POC EXCELLENT
by Adam Gowdiak, s advisory, , # Vulnerability discovery according to Oracle, jduck, sinn3r, juan vazquez · rubypocjava
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/browser/java_jre17_exec.rb

References (14)

Scores

CVSS v3 9.8
EPSS 0.9414
EPSS Percentile 99.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-03-03
VulnCheck KEV 2012-08-28
InTheWild.io 2017-08-05
ENISA EUVD EUVD-2012-4606
Ransomware Use Confirmed
CWE
CWE-284
Status published
Products (3)
oracle/jdk 1.6.0 (34 CPE variants)
oracle/jdk 1.7.0 (7 CPE variants)
oracle/jre 1.6.0 (9 CPE variants)
Published Aug 28, 2012
KEV Added Mar 03, 2022
Tracked Since Feb 18, 2026