CVE-2012-0507
Published: 07 June 2012
Summary
CVE-2012-0507 is a critical-severity Type Confusion (CWE-843) vulnerability in Sun Jre. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 0.2% of CVEs by exploit likelihood; CISA has added it to the Known Exploited Vulnerabilities catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SC-18 (Mobile Code) and SI-2 (Flaw Remediation).
Deeper analysis
The vulnerability is an unspecified issue in the Java Runtime Environment component of Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier. It stems from the AtomicReferenceArray class implementation failing to ensure arrays are of the Object[] type, which can lead to a JVM crash or sandbox bypass, and is tracked under concurrency-related vectors with associated CWEs including CWE-843.
Remote attackers can exploit the flaw without authentication to impact confidentiality, integrity, and availability. Successful attacks enable denial of service through JVM crashes or circumvention of Java sandbox restrictions to execute arbitrary code or access restricted resources.
References describe the issue appearing in exploit packs and detail a sandbox breach case, indicating active use in the wild shortly after disclosure. No specific patch or mitigation details are provided in the available references beyond general security announcements from vendors such as OpenSUSE.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2012-0539
Vulnerability details
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown…
more
vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.
- CWE(s)
- KEV Date Added
- 03 March 2022
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly restricts and controls execution of mobile code (Java applets) that rely on the JRE sandbox the vulnerability bypasses.
Requires prompt application of vendor patches that remediate the AtomicReferenceArray flaw in supported JRE versions.
Deploys malicious-code detection and blocking mechanisms that can identify or stop exploit payloads targeting this sandbox bypass.