CVE-2012-5076 — Oracle Java SE Sandbox Bypass Vulnerability
2022-03-28 • CISA Known Exploited Vulnerability
[event] The default Java security properties configuration did not restrict access to the com.sun.org.glassfish.external and com.sun.org.glassfish.gmbal packages. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Oracle |
| Product | Java SE |
| CVE ID | CVE-2012-5076 |
| Date Added | 2022-03-28 |
| Due Date | 2022-04-18 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2022-04-18