PULSE
LIVE44signals / 24h
FEED
ransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Servicesransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomplay reclama a Svensk Direktreklam · SE · Business Servicesransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Servicesransomgunra reclama a Dissinger and Dissinger Law Firm · US · Business Servicesransomplay reclama a Boston Electric and Telephone · US · Telecommunicationransomplay reclama a Wring Group · GB · Not Foundransomincransom reclama a asa-international.com · GB · Business Servicesransomplay reclama a AG Scholtes · NL · Manufacturingransomplay reclama a Andorra Life · AD · Healthcareransomplay reclama a Svensk Direktreklam · SE · Business Services
← All CVEs
CVE Watch

CVE-2012-5076

Oracle Java SE Sandbox Bypass Vulnerability

CVSS

No CVSS

EPSS

91.0%

p100

KEV

YES

Mar 28, 2022

Exploit Today

80

0-100

Published: · Last modified:

EPSS · 30d
91.0%EPSS · 30 days91.0%
2026-06-302026-07-16
KEV catalog record

Product

Oracle / Java SE

Vulnerability

Oracle Java SE Sandbox Bypass Vulnerability

Added to KEV

Mar 28, 2022

Remediate by

Apr 18, 2022

Known ransomware use

No

Summary description

The default Java security properties configuration did not restrict access to the com.sun.org.glassfish.external and com.sun.org.glassfish.gmbal packages. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.

Required action

Apply updates per vendor instructions.

Notes

https://nvd.nist.gov/vuln/detail/CVE-2012-5076

Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2013-2465
99.9%
KEV80Oracle Java SE Unspecified Vulnerability
CVE-2012-4681
99.9%
KEV80Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
CVE-2012-0507
99.9%
KEV80Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
CVE-2012-1723
99.8%
KEV80Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
CVE-2015-2590
97.7%
KEV79Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability
CVE-2015-4902
96.0%
KEV79Oracle Java SE Integrity Check Vulnerability