Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-2431

Опубликовано: 16 апр. 2013
Источник: redhat
CVSS2: 6.8
EPSS Средний

Описание

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to bypassing the Java sandbox using "method handle intrinsic frames."

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5java-1.6.0-sunAffected
Red Hat Enterprise Linux 6java-1.6.0-sunAffected
Red Hat Enterprise Linux 5java-1.7.0-openjdkFixedRHSA-2013:075217.04.2013
Red Hat Enterprise Linux 5java-1.6.0-openjdkFixedRHSA-2013:077024.04.2013
Red Hat Enterprise Linux 6java-1.7.0-openjdkFixedRHSA-2013:075117.04.2013
Red Hat Enterprise Linux 6java-1.6.0-openjdkFixedRHSA-2013:077024.04.2013
Supplementary for Red Hat Enterprise Linux 5java-1.7.0-oracleFixedRHSA-2013:075718.04.2013
Supplementary for Red Hat Enterprise Linux 6java-1.7.0-oracleFixedRHSA-2013:075718.04.2013

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Critical
https://bugzilla.redhat.com/show_bug.cgi?id=952645OpenJDK: Hotspot intrinsic frames vulnerability (Hotspot, 8004336)

EPSS

Процентиль: 94%
0.16095
Средний

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-2431

ubuntu
больше 12 лет назад

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to bypassing the Java sandbox using "method handle intrinsic frames."

nvd логотип

CVE-2013-2431

nvd
больше 12 лет назад

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to bypassing the Java sandbox using "method handle intrinsic frames."

debian логотип

CVE-2013-2431

debian
больше 12 лет назад

Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...

github логотип

GHSA-mf4r-q9jv-3wcr

github
больше 3 лет назад

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to bypassing the Java sandbox using "method handle intrinsic frames."

oracle-oval логотип

ELSA-2013-0770

oracle-oval
больше 12 лет назад

ELSA-2013-0770: java-1.6.0-openjdk security update (IMPORTANT)

EPSS

Процентиль: 94%
0.16095
Средний

6.8 Medium

CVSS2