Vulnerability Details : CVE-2012-4681

Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by (1) using com.sun.beans.finder.ClassFinder.findClass and leveraging an exception with the forName method to access restricted classes from arbitrary packages such as sun.awt.SunToolkit, then (2) using "reflection with a trusted immediate caller" to leverage the getField method to access and modify private fields, as exploited in the wild in August 2012 using Gondzz.class and Gondvv.class.
Vulnerability category: Execute code
Published 2012-08-28 00:55:02
Updated 2022-12-21 15:28:09
Source MITRE
View at NVD,
At least one public exploit which can be used to exploit this vulnerability exists!

Threat overview for CVE-2012-4681

Top countries where our scanners detected CVE-2012-4681
Top open port discovered on systems with this issue 80
IPs affected by CVE-2012-4681 1,565
Threat actors abusing to this issue? Yes
Find out if you* are affected by CVE-2012-4681!
*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.
CVE-2012-4681 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
The Java Runtime Environment (JRE) component in Oracle Java SE allow for remote code execution.
Added on 2022-03-03 Action due date 2022-03-24

Exploit prediction scoring system (EPSS) score for CVE-2012-4681

Probability of exploitation activity in the next 30 days: 97.52%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ

Metasploit modules for CVE-2012-4681

  • Java 7 Applet Remote Code Execution
    Disclosure Date: 2012-08-26
    First seen: 2020-04-26
    The exploit takes advantage of two issues in JDK 7: The ClassFinder and MethodFinder.findMethod(). Both were newly introduced in JDK 7. ClassFinder is a replacement for classForName back in JDK 6. It allows untrusted code to obtain a reference and have access to a

CVSS scores for CVE-2012-4681

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Source

References for CVE-2012-4681

Products affected by CVE-2012-4681

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to terms of use!