Published: 02/02/2013 Updated: 13/05/2022

CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9

VMScore: 676

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote malicious users to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue involves the creation of a single PresentationManager that is shared across multiple thread groups, which allows remote malicious users to bypass Java sandbox restrictions.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle jre 1.7.0
oracle jdk 1.7.0
sun jre 1.6.0
oracle jre 1.6.0
sun jdk 1.6.0
oracle jdk 1.6.0
sun jre 1.5.0
oracle jre 1.5.0
sun jdk 1.5.0
oracle jdk 1.5.0

Several security issues were fixed in OpenJDK ...

Synopsis Important: java-160-openjdk security update Type/Severity Security Advisory: Important Topic Updated java-160-openjdk packages that fix several security issues arenow available for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as havingimportant security im ...

Synopsis Critical: java-160-openjdk security update Type/Severity Security Advisory: Critical Topic Updated java-160-openjdk packages that fix several security issues arenow available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having criticalsecurity impac ...

Synopsis Important: java-170-openjdk security update Type/Severity Security Advisory: Important Topic Updated java-170-openjdk packages that fix several security issues arenow available for Red Hat Enterprise Linux 5 and 6The Red Hat Security Response Team has rated this update as havingimportant secur ...

NVD-CWE-noinfo http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html http://rhn.redhat.com/errata/RHSA-2013-0237.html http://rhn.redhat.com/errata/RHSA-2013-0236.html http://www.us-cert.gov/cas/techalerts/TA13-032A.html http://www.kb.cert.org/vuls/id/858729 http://rhn.redhat.com/errata/RHSA-2013-0245.html http://rhn.redhat.com/errata/RHSA-2013-0247.html http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=907460 http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS http://rhn.redhat.com/errata/RHSA-2013-0246.html http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba/rev/c1ed8145c1b8 http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00014.html http://marc.info/?l=bugtraq&m=136439120408139&w=2 http://marc.info/?l=bugtraq&m=136570436423916&w=2 http://marc.info/?l=bugtraq&m=136733161405818&w=2 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056 http://www.mandriva.com/security/advisories?name=MDVSA-2013:095 http://security.gentoo.org/glsa/glsa-201406-32.xml http://www.securityfocus.com/bid/57710 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19457 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19342 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19300 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16649 https://usn.ubuntu.com/1724-1/https://nvd.nist.gov https://www.kb.cert.org/vuls/id/858729

CVE-2013-0429

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect