CVE-2013-0445

Oracle Java SE <7 Update 11, 6 Update 38, 5.0 Update 38 - Info Disc...

Title source: llm

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox.

References (23)

Core 23

Core References

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2013-1455.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2013-0247.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2013-1456.html

Issue Tracking x_refsource_confirm

https://bugzilla.redhat.com/show_bug.cgi?id=906900

Mailing List vendor-advisory x_refsource_hp

http://marc.info/?l=bugtraq&m=136439120408139&w=2

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2013:095

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/57689

Mailing List vendor-advisory x_refsource_hp

http://marc.info/?l=bugtraq&m=136570436423916&w=2

US Government Resource third-party-advisory x_refsource_cert

http://www.us-cert.gov/cas/techalerts/TA13-032A.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2013-0236.html

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16680

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/858729

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2013-0237.html

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19372

Mailing List vendor-advisory x_refsource_hp

http://marc.info/?l=bugtraq&m=136733161405818&w=2

Release Notes x_refsource_confirm

http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/6527ae06da69

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19304

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19282

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2013-0246.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2013-0245.html

Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html

Release Notes x_refsource_confirm

http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS

Third Party Advisory x_refsource_confirm

https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056

Scores

EPSS 0.0128

EPSS Percentile 79.8%

Details

Status published

Products (5)

oracle/jdk 1.7.0 (11 CPE variants)

oracle/jdk 1.6.0 update22 (15 CPE variants)

oracle/jdk 1.5.0 update36 (2 CPE variants)

oracle/jre 1.7.0 (11 CPE variants)

oracle/jre 1.6.0 update22 (11 CPE variants)

Published Feb 02, 2013

Tracked Since Feb 18, 2026