Published: 08/03/2013 Updated: 19/09/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Heap-based buffer overflow in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and previous versions and JavaFX 2.2.7 and previous versions allows remote malicious users to execute arbitrary code via unspecified vectors related to JavaFX, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle javafx
oracle jdk 1.7.0
oracle jre 1.7.0

Synopsis Critical: java-170-oracle security update Type/Severity Security Advisory: Critical Topic Updated java-170-oracle packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 5 and 6 SupplementaryThe Red Hat Security Response Team has rated this update as having crit ...

CWE-119 https://twitter.com/thezdi/status/309484730506698752 http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157 http://www.zdnet.com/pwn2own-down-go-all-the-browsers-7000012283/http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html http://rhn.redhat.com/errata/RHSA-2013-0757.html http://www.us-cert.gov/ncas/alerts/TA13-107A https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15728 https://access.redhat.com/errata/RHSA-2013:0757 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-0402

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect