CVE-2012-4823

critical

Published 2013-01-11 · Modified 2026-04-29

💬 Discuss on Community ✚ Propose mitigation

CVSS v3

—

CVSS v4 NEW

—

not yet in upstream

VIR risk

9.3

Description

Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to "insecure use of the java.lang.ClassLoder defineClass() method."

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or — if you've already worked around this in production — publish your fix to the community-verified tier.

✚ Propose a mitigation on Community → Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

Application impact

Vendor	Product	Versions
ibm	java	`{"startIncluding":"1.4.2","endIncluding":"1.4.2.13.13"}`
ibm	lotus_domino	`8.0`
ibm	lotus_domino	`8.0.1`
ibm	lotus_domino	`8.0.2`
ibm	lotus_domino	`8.0.2.1`
ibm	lotus_domino	`8.0.2.2`
ibm	lotus_domino	`8.0.2.3`
ibm	lotus_domino	`8.0.2.4`
ibm	lotus_domino	`8.5.0`
ibm	lotus_domino	`8.5.0.1`
ibm	lotus_domino	`8.5.1`
ibm	lotus_domino	`8.5.1.1`
ibm	lotus_domino	`8.5.1.2`
ibm	lotus_domino	`8.5.1.3`
ibm	lotus_domino	`8.5.1.4`
ibm	lotus_domino	`8.5.1.5`
ibm	lotus_domino	`8.5.2.0`
ibm	lotus_domino	`8.5.2.1`
ibm	lotus_domino	`8.5.2.2`
ibm	lotus_domino	`8.5.2.3`
ibm	lotus_domino	`8.5.2.4`
ibm	lotus_domino	`8.5.3.0`
ibm	lotus_domino	`8.5.3.1`
ibm	lotus_domino	`8.5.3.2`
ibm	lotus_notes	`8.0`
ibm	lotus_notes	`8.0.0`
ibm	lotus_notes	`8.0.1`
ibm	lotus_notes	`8.0.2`
ibm	lotus_notes	`8.0.2.0`
ibm	lotus_notes	`8.0.2.1`
ibm	lotus_notes	`8.0.2.2`
ibm	lotus_notes	`8.0.2.3`
ibm	lotus_notes	`8.0.2.4`
ibm	lotus_notes	`8.0.2.5`
ibm	lotus_notes	`8.0.2.6`
ibm	lotus_notes	`8.5`
ibm	lotus_notes	`8.5.0.0`
ibm	lotus_notes	`8.5.0.1`
ibm	lotus_notes	`8.5.1`
ibm	lotus_notes	`8.5.1.0`
ibm	lotus_notes	`8.5.1.1`
ibm	lotus_notes	`8.5.1.2`
ibm	lotus_notes	`8.5.1.3`
ibm	lotus_notes	`8.5.1.4`
ibm	lotus_notes	`8.5.1.5`
ibm	lotus_notes	`8.5.2.0`
ibm	lotus_notes	`8.5.2.1`
ibm	lotus_notes	`8.5.2.2`
ibm	lotus_notes	`8.5.2.3`
ibm	lotus_notes	`8.5.3`
ibm	lotus_notes	`8.5.3.1`
ibm	lotus_notes	`8.5.3.2`
ibm	lotus_notes	`8.5.4`
ibm	lotus_notes_sametime	`8.0.80407`
ibm	lotus_notes_sametime	`8.0.80822`
ibm	lotus_notes_sametime	`8.5.1.20100709-1631`
ibm	lotus_notes_traveler	`8.0`
ibm	lotus_notes_traveler	`8.0.1`
ibm	lotus_notes_traveler	`8.0.1.2`
ibm	lotus_notes_traveler	`8.0.1.3`
ibm	lotus_notes_traveler	`8.5.0.0`
ibm	lotus_notes_traveler	`8.5.0.1`
ibm	lotus_notes_traveler	`8.5.0.2`
ibm	lotus_notes_traveler	`8.5.1.1`
ibm	lotus_notes_traveler	`8.5.1.2`
ibm	lotus_notes_traveler	`8.5.1.3`
ibm	lotus_notes_traveler	`8.5.2.1`
ibm	lotus_notes_traveler	`8.5.3`
ibm	lotus_notes_traveler	`8.5.3.1`
ibm	lotus_notes_traveler	`8.5.3.2`
ibm	lotus_notes_traveler	`8.5.3.3`
ibm	rational_change	`4.7`
ibm	rational_change	`5.1`
ibm	rational_change	`5.2`
ibm	rational_change	`5.3`
ibm	rational_host_on-demand	`1.6.0.12`
ibm	rational_host_on-demand	`8.0.8.0`
ibm	rational_host_on-demand	`9.0.8.0`
ibm	rational_host_on-demand	`10.0.9.0`
ibm	rational_host_on-demand	`10.0.10.0`
ibm	rational_host_on-demand	`11.0.3.0`
ibm	rational_host_on-demand	`11.0.4.0`
ibm	rational_host_on-demand	`11.0.5.0`
ibm	rational_host_on-demand	`11.0.5.1`
ibm	rational_host_on-demand	`11.0.6.0`
ibm	rational_host_on-demand	`11.0.6.1`
ibm	service_delivery_manager	`7.2.1.0`
ibm	service_delivery_manager	`7.2.2.0`
ibm	smart_analytics_system_5600_software	`-`
ibm	smart_analytics_system_5600_software	`9.7`
ibm	tivoli_monitoring	`6.1.0`
ibm	tivoli_monitoring	`6.1.0.7`
ibm	tivoli_monitoring	`6.2.0`
ibm	tivoli_monitoring	`6.2.0.1`
ibm	tivoli_monitoring	`6.2.0.2`
ibm	tivoli_monitoring	`6.2.0.3`
ibm	tivoli_monitoring	`6.2.1`
ibm	tivoli_monitoring	`6.2.1.0`
ibm	tivoli_monitoring	`6.2.1.1`
ibm	tivoli_monitoring	`6.2.1.2`
ibm	tivoli_monitoring	`6.2.1.3`
ibm	tivoli_monitoring	`6.2.1.4`
ibm	tivoli_monitoring	`6.2.2`
ibm	tivoli_monitoring	`6.2.2.0`
ibm	tivoli_monitoring	`6.2.2.1`
ibm	tivoli_monitoring	`6.2.2.2`
ibm	tivoli_monitoring	`6.2.2.3`
ibm	tivoli_monitoring	`6.2.2.4`
ibm	tivoli_monitoring	`6.2.2.5`
ibm	tivoli_monitoring	`6.2.2.6`
ibm	tivoli_monitoring	`6.2.2.7`
ibm	tivoli_monitoring	`6.2.2.8`
ibm	tivoli_monitoring	`6.2.2.9`
ibm	tivoli_monitoring	`6.2.3`
ibm	tivoli_monitoring	`6.2.3.0`
ibm	tivoli_monitoring	`6.2.3.1`
ibm	tivoli_monitoring	`6.2.3.2`
ibm	tivoli_remote_control	`5.1.2`
ibm	websphere_real_time	`2.0`
ibm	websphere_real_time	`3.0`
tivoli_storage_productivity_center	5.0
tivoli_storage_productivity_center	5.1
tivoli_storage_productivity_center	5.1.1

References

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.