CVE-2012-5076

Oracle Java SE Sandbox Bypass Vulnerability

The default Java security properties configuration did not restrict access to the com.sun.org.glassfish.external and com.sun.org.glassfish.gmbal packages. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Vendor/Product: Oracle Java SE. Added to CISA KEV 2022-03-28; required action: Apply updates per vendor instructions.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2012-5076