|Number of vulnerabilities||1|
|CVE ID|| CVE-2012-4681
|CWE ID|| CWE-388
|Public exploit||This vulnerability is being exploited in the wild.|
Universal components / Libraries / Software for developers
This security advisory describes one critical risk vulnerability.
CWE-388 - Error Handling
Exploit availability: Yes [Search exploit]Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
Successful exploitation of the vulnerability results in arbitrary code execution on the vulnerable system.
Note: the vulnerability was being actively exploited.
Update the latest version from vendor's website:
Java SE: 6u10, 6u11, 6u12, 6u13, 6u14, 6u15, 6u16, 6u17, 6u18, 6u19, 6u20, 6u27, 6u30, 6u32, 6u34, 7, 7u2, 7u4, 7u6CPE
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.