CVE-2013-0450

Oracle Java SE <7 Update 11, 6 Update 38, 5.0 Update 38 - Info Disc...

Title source: llm

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper checks of "access control context" in the JMX RequiredModelMBean class.

References (26)

Core 26

Core References

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-201406-32.xml

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2013:095

Mailing List vendor-advisory x_refsource_hp

http://marc.info/?l=bugtraq&m=136570436423916&w=2

US Government Resource third-party-advisory x_refsource_cert

http://www.us-cert.gov/cas/techalerts/TA13-032A.html

Issue Tracking x_refsource_confirm

https://bugzilla.redhat.com/show_bug.cgi?id=906911

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2013-0236.html

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19363

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2013-1455.html

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/858729

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2013-0237.html

Mailing List vendor-advisory x_refsource_hp

http://marc.info/?l=bugtraq&m=136439120408139&w=2

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2013-0247.html

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19572

Release Notes x_refsource_confirm

http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/6e0d9f4942af

Mailing List vendor-advisory x_refsource_hp

http://marc.info/?l=bugtraq&m=136733161405818&w=2

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00014.html

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19286

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2013-0246.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2013-1456.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2013-0245.html

Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html

Release Notes x_refsource_confirm

http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/57703

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16550

Third Party Advisory x_refsource_confirm

https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056

Scores

EPSS 0.0104

EPSS Percentile 77.7%

Details

Status published

Products (5)

oracle/jdk 1.7.0 (11 CPE variants)

oracle/jdk 1.6.0 update22 (15 CPE variants)

oracle/jdk 1.5.0 update36 (2 CPE variants)

oracle/jre 1.7.0 (11 CPE variants)

oracle/jre 1.6.0 update22 (11 CPE variants)

Published Feb 02, 2013

Tracked Since Feb 18, 2026