Ubuntu Security Notice (C) 2013 Canonical, Inc. / NASL script (C) 2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related patches.
USN-1755-1 fixed vulnerabilities in OpenJDK 6. This update provides
the corresponding updates for OpenJDK 7.
It was discovered that OpenJDK did not properly validate certain types
of images. A remote attacker could exploit this to cause OpenJDK to
It was discovered that OpenJDK did not properly check return
values when performing color conversion for images. If a
user were tricked into opening a crafted image with OpenJDK,
such as with the Java plugin, a remote attacker could cause
OpenJDK to crash or execute arbitrary code outside of the
Java sandbox with the privileges of the user invoking the
Update the affected packages.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.7
Public Exploit Available : true