Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0431

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2013-0431
Last Modified 04 Oct 2014 01:01:39
Published 31 Jan 2013 09:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-0431

Summary

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows user-assisted remote attackers to bypass the Java security sandbox via unspecified vectors related to JMX, aka "Issue 52," a different vulnerability than CVE-2013-1490.

Vulnerable Systems

Application

  • Oracle Jdk 1.7.0

  • Oracle Jre 1.7.0


References

BUGTRAQ - 20130122 Re: [SE-2012-01] Java 7 Update 11 confirmed to be vulnerable

CONFIRM - http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html

MISC - http://www.informationweek.com/security/application-security/java-hacker-uncovers-two-flaws-in-latest/240146717

FULLDISC - 20130118 [SE-2012-01] Java 7 Update 11 confirmed to be vulnerable

MISC - http://blogs.computerworld.com/malware-and-vulnerabilities/21693/yet-another-java-security-flaw-discovered-number-53

MISC - http://arstechnica.com/security/2013/01/critical-java-vulnerabilies-confirmed-in-latest-version/

REDHAT - RHSA-2013:0237

CERT - TA13-032A

CERT-VN - VU#858729

REDHAT - RHSA-2013:0247

SUSE - openSUSE-SU-2013:0377

HP - SSRT101184

HP - HPSBMU02874

HP - HPSBUX02857

HP - SSRT101103

CONFIRM - https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056

MANDRIVA - MDVSA-2013:095

GENTOO - GLSA-201406-32

Related Patches

Oracle Java JRE 1.7.0_13 for Mac OS X (Update)

Oracle Java JRE 1.7.0_13 for Windows (Update) (All Languages) (See Notes) (Rev 2)

Oracle Java JRE 1.7.0_13 for Windows (Update) (64Bit) (All Languages) (See Notes) (Rev 2)

Novell SUSE 2013:7454 java-1_7_0-ibm security update for SLES 11 SP2 i586

Novell SUSE 2013:7454 java-1_7_0-ibm security update for SLES 11 SP2 x86_64


Last Updated: 27 May 2016 11:01:46