Back to search
CVE-2012-4420
Published: Dec 26, 2019
Modified: Aug 6, 2024
PUBLISHED
Description
An information disclosure flaw was found in the way the Java Virtual Machine (JVM) implementation of Java SE 7 as provided by OpenJDK 7 incorrectly initialized integer arrays after memory allocation (in certain circumstances they had nonzero elements right after the allocation). A remote attacker could use this flaw to obtain potentially sensitive information.
| Vendor | Product | Versions |
|---|---|---|
java-1.7.0-openjdk | java-1.7.0-openjdk | affected 1.7.0_04 to 1.7.0_10 |
References
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4420
x_refsource_MISC
https://access.redhat.com/security/cve/cve-2012-4420
x_refsource_MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/78693
x_refsource_MISC
http://www.openwall.com/lists/oss-security/2012/09/13/3
x_refsource_MISC
http://www.securityfocus.com/bid/55538
x_refsource_MISC
https://www.openwall.com/lists/oss-security/2012/09/12/4
x_refsource_MISC
https://bugs.java.com/bugdatabase/view_bug.do?bug_id=7196857
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now