CVE-2012-5076
Oracle Java SE Sandbox Bypass Vulnerability
CVSS
—
No CVSS
EPSS
91.0%
p100
KEV
YES
Mar 28, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
91.0%EPSS · 30 days91.0%
2026-06-302026-07-16
Product
Oracle / Java SE
Vulnerability
Oracle Java SE Sandbox Bypass Vulnerability
Added to KEV
Mar 28, 2022
Remediate by
Apr 18, 2022
Known ransomware use
No
Summary description
The default Java security properties configuration did not restrict access to the com.sun.org.glassfish.external and com.sun.org.glassfish.gmbal packages. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2012-5076
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2013-2465—99.9%
KEV—80Oracle Java SE Unspecified Vulnerability—CVE-2012-4681—99.9%
KEV—80Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability—CVE-2012-0507—99.9%
KEV—80Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability—CVE-2012-1723—99.8%
KEV—80Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability—CVE-2015-2590—97.7%
KEV—79Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability—CVE-2015-4902—96.0%
KEV—79Oracle Java SE Integrity Check Vulnerability—