NVD
- Id
- 43438
- Name
- CVE-2012-1541
- Description
- Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from a third party that the issue is due to an interaction error in between the JRE plug-in for WebKit-based browsers and the Javascript engine, which allows remote attackers to execute arbitrary code by modifying DOM nodes that contain applet elements in a way that triggers an incorrect reference count and a use after free.
- Reject
- CVSS Version
- 2
- CVSS Score
- 10
- Severity
- High
- CVSS Base Score
- 10
- CVSS Impact Subscore
- 10
- CVSS Exploit Subscore
- 10
- CVSS Vector
- (AV:N/AC:L/Au:N/C:C/I:C/A:C)
- Pub Date
- 2017-01-19
- Published
- 2013-02-01
- Modified Date
- 2013-12-19
- Seq
- 2012-1541
