Detections
Analytics
CVE-2013-0445
critical
Description
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox.
References
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19372
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19304
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19282
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16680
https://bugzilla.redhat.com/show_bug.cgi?id=906900
http://www.us-cert.gov/cas/techalerts/TA13-032A.html
http://www.securityfocus.com/bid/57689
http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html
http://www.mandriva.com/security/advisories?name=MDVSA-2013:095
http://www.kb.cert.org/vuls/id/858729
http://rhn.redhat.com/errata/RHSA-2013-1456.html
http://rhn.redhat.com/errata/RHSA-2013-1455.html
http://rhn.redhat.com/errata/RHSA-2013-0247.html
http://rhn.redhat.com/errata/RHSA-2013-0246.html
http://rhn.redhat.com/errata/RHSA-2013-0245.html
http://rhn.redhat.com/errata/RHSA-2013-0237.html
http://rhn.redhat.com/errata/RHSA-2013-0236.html
http://marc.info/?l=bugtraq&m=136733161405818&w=2
http://marc.info/?l=bugtraq&m=136570436423916&w=2
http://marc.info/?l=bugtraq&m=136439120408139&w=2
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/6527ae06da69
http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS