PT-2012-1238 · Oracle+4 · Java Runtime Environment+5

Tomas Hoger · Published 2012-02-09 · Updated 2025-04-03 · CVE-2012-0507

CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Java Runtime Environment versions 5.0 Update 33 and earlier
Java Runtime Environment versions 6 Update 30 and earlier
Java Runtime Environment versions 7 Update 2 and earlier

Description

The issue is related to an unspecified vulnerability in the Java Runtime Environment component, allowing remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. This may be caused by the AtomicReferenceArray class implementation not ensuring that the array is of the Object[] type, potentially allowing attackers to cause a denial of service or bypass Java sandbox restrictions.

Recommendations

For Java Runtime Environment versions 5.0 Update 33 and earlier, update to a version later than Update 33 to resolve the issue.
For Java Runtime Environment versions 6 Update 30 and earlier, update to a version later than Update 30 to resolve the issue.
For Java Runtime Environment versions 7 Update 2 and earlier, update to a version later than Update 2 to resolve the issue.
As a temporary workaround, consider restricting access to the Concurrency component until a patch is available.

Exploit · Fix · DoS · Type Confusion

Weakness Enumeration

Related Identifiers

BDU:2022-04096
CESA-2012_0135
CVE-2012-0507
DSA-2420-1
HPSBUX02757
HPSBUX02760
HPSBUX02784
RHSA-2012:0135
RHSA-2012:0139
RHSA-2012:0322
RHSA-2012:0508
RHSA-2012:0514
RHSA-2012_0135
RHSA-2012_0139
RHSA-2012_0322
RHSA-2012_0508
RHSA-2012_0514
RHSA-2013:1455

Affected Products

CentOS
HP-UX
Java Platform
Java Runtime Environment
Red Hat
SUSE