Количество 15
Количество 15
CVE-2013-0401
The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to invocation of the system class loader by the sun.awt.datatransfer.ClassLoaderObjectInputStream class, which allows remote attackers to bypass Java sandbox restrictions.
CVE-2013-0401
The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to invocation of the system class loader by the sun.awt.datatransfer.ClassLoaderObjectInputStream class, which allows remote attackers to bypass Java sandbox restrictions.
CVE-2013-0401
The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to invocation of the system class loader by the sun.awt.datatransfer.ClassLoaderObjectInputStream class, which allows remote attackers to bypass Java sandbox restrictions.
CVE-2013-0401
The Java Runtime Environment (JRE) component in Oracle Java SE 7 Updat ...
GHSA-7fc2-vc87-69w8
The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to invocation of the system class loader by the sun.awt.datatransfer.ClassLoaderObjectInputStream class, which allows remote attackers to bypass Java sandbox restrictions.
ELSA-2013-0770
ELSA-2013-0770: java-1.6.0-openjdk security update (IMPORTANT)
ELSA-2013-0752
ELSA-2013-0752: java-1.7.0-openjdk security update (IMPORTANT)
ELSA-2013-0751
ELSA-2013-0751: java-1.7.0-openjdk security update (CRITICAL)
SUSE-SU-2015:1086-2
Security update for IBM Java
SUSE-SU-2015:1086-4
Security update for IBM Java
SUSE-SU-2015:0343-1
Security update for IBM Java
SUSE-SU-2015:1086-1
Security update for IBM Java 6
SUSE-SU-2015:0392-1
Security update for IBM Java 6
SUSE-SU-2015:1086-3
Security update for IBM Java 7
SUSE-SU-2015:0344-1
Security update for IBM Java 7
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2013-0401 The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to invocation of the system class loader by the sun.awt.datatransfer.ClassLoaderObjectInputStream class, which allows remote attackers to bypass Java sandbox restrictions. | CVSS2: 10 | 10% Средний | почти 13 лет назад |
 | CVE-2013-0401 The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to invocation of the system class loader by the sun.awt.datatransfer.ClassLoaderObjectInputStream class, which allows remote attackers to bypass Java sandbox restrictions. | CVSS2: 6.8 | 10% Средний | почти 13 лет назад |
 | CVE-2013-0401 The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to invocation of the system class loader by the sun.awt.datatransfer.ClassLoaderObjectInputStream class, which allows remote attackers to bypass Java sandbox restrictions. | CVSS2: 10 | 10% Средний | почти 13 лет назад |
| CVE-2013-0401 The Java Runtime Environment (JRE) component in Oracle Java SE 7 Updat ... | CVSS2: 10 | 10% Средний | почти 13 лет назад |
| GHSA-7fc2-vc87-69w8 The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to invocation of the system class loader by the sun.awt.datatransfer.ClassLoaderObjectInputStream class, which allows remote attackers to bypass Java sandbox restrictions. | 10% Средний | почти 4 года назад | |
| ELSA-2013-0770 ELSA-2013-0770: java-1.6.0-openjdk security update (IMPORTANT) | почти 13 лет назад | ||
| ELSA-2013-0752 ELSA-2013-0752: java-1.7.0-openjdk security update (IMPORTANT) | почти 13 лет назад | ||
| ELSA-2013-0751 ELSA-2013-0751: java-1.7.0-openjdk security update (CRITICAL) | почти 13 лет назад | ||
 | SUSE-SU-2015:1086-2 Security update for IBM Java | около 11 лет назад | ||
| SUSE-SU-2015:1086-4 Security update for IBM Java | около 11 лет назад | ||
| SUSE-SU-2015:0343-1 Security update for IBM Java | около 11 лет назад | ||
| SUSE-SU-2015:1086-1 Security update for IBM Java 6 | около 12 лет назад | ||
| SUSE-SU-2015:0392-1 Security update for IBM Java 6 | около 12 лет назад | ||
| SUSE-SU-2015:1086-3 Security update for IBM Java 7 | около 12 лет назад | ||
| SUSE-SU-2015:0344-1 Security update for IBM Java 7 | около 12 лет назад |
Уязвимостей на страницу