Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0444

Overview

Vulnerability Score 7.6 7.6
CVE Id CVE-2013-0444
Last Modified 04 Oct 2014 01:01:43
Published 01 Feb 2013 07:55:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2013-0444

Summary

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient checks for cached results" by the Java Beans MethodFinder, which might allow attackers to access methods that should only be accessible to privileged code.

Vulnerable Systems

Application

  • Oracle Jdk 1.7.0

  • Oracle Jre 1.7.0


References

CONFIRM - http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html

REDHAT - RHSA-2013:0237

CERT - TA13-032A

CERT-VN - VU#858729

REDHAT - RHSA-2013:0247

SUSE - openSUSE-SU-2013:0377

CONFIRM - http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/ce04db4aba39

CONFIRM - http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=907218

HP - SSRT101184

HP - HPSBMU02874

HP - HPSBUX02857

HP - SSRT101103

CONFIRM - https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056

MANDRIVA - MDVSA-2013:095

GENTOO - GLSA-201406-32

Related Patches

Oracle Java JRE 1.7.0_13 for Mac OS X (Update)

Oracle Java JRE 1.7.0_13 for Windows (Update) (All Languages) (See Notes) (Rev 2)

Oracle Java JRE 1.7.0_13 for Windows (Update) (64Bit) (All Languages) (See Notes) (Rev 2)

Novell SUSE 2013:7454 java-1_7_0-ibm security update for SLES 11 SP2 i586

Novell SUSE 2013:7454 java-1_7_0-ibm security update for SLES 11 SP2 x86_64


Last Updated: 27 May 2016 11:01:47