CVE-2012-5076

Publication date 16 October 2012

Last updated 25 August 2025

Ubuntu priority

Medium

Why this priority?

Cvss 3 Severity Score

9.8 · Critical

Score breakdown

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JAX-WS.

Status

Package Ubuntu Release Status
openjdk-7 12.10 quantal
Fixed 7u9-2.3.3-0ubuntu1~12.10.1
12.04 LTS precise
Fixed 7u9-2.3.3-0ubuntu1~12.04.1
11.10 oneiric
Fixed 7u9-2.3.3-0ubuntu1~11.10.1
11.04 natty Not in release
10.04 LTS lucid Not in release
8.04 LTS hardy Not in release

Severity score breakdown

Parameter Value
Base score 9.8 · Critical
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Scope Unchanged
Confidentiality High
Integrity impact High
Availability impact High
Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

Related Ubuntu Security Notices (USN)

    • USN-1619-1
    • OpenJDK vulnerabilities
    • 26 October 2012

Other references