Published: 02/02/2013 Updated: 13/05/2022

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote malicious users to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of "privileges of the code" that bypasses the sandbox.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle jre 1.7.0
oracle jdk 1.7.0
sun jre 1.6.0
oracle jre 1.6.0
sun jdk 1.6.0
oracle jdk 1.6.0
sun jre 1.5.0
oracle jre 1.5.0
sun jdk 1.5.0
oracle jdk 1.5.0

Several security issues were fixed in OpenJDK ...

Synopsis Important: java-160-openjdk security update Type/Severity Security Advisory: Important Topic Updated java-160-openjdk packages that fix several security issues arenow available for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as havingimportant security im ...

Synopsis Critical: java-150-ibm security update Type/Severity Security Advisory: Critical Topic Updated java-150-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 5 and 6 SupplementaryThe Red Hat Security Response Team has rated this update as having criticalse ...

Synopsis Critical: java-160-openjdk security update Type/Severity Security Advisory: Critical Topic Updated java-160-openjdk packages that fix several security issues arenow available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having criticalsecurity impac ...

Synopsis Critical: java-160-ibm security update Type/Severity Security Advisory: Critical Topic Updated java-160-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 5 and 6 SupplementaryThe Red Hat Security Response Team has rated this update as having criticalse ...

Synopsis Low: Red Hat Network Satellite server IBM Java Runtime security update Type/Severity Security Advisory: Low Topic Updated java-160-ibm packages that fix several security issues are nowavailable for Red Hat Network Satellite Server 55The Red Hat Security Response Team has rated this update as ha ...

Synopsis Critical: java-170-ibm security update Type/Severity Security Advisory: Critical Topic Updated java-170-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 5 and 6 SupplementaryThe Red Hat Security Response Team has rated this update as having criticalse ...

Synopsis Important: java-170-openjdk security update Type/Severity Security Advisory: Important Topic Updated java-170-openjdk packages that fix several security issues arenow available for Red Hat Enterprise Linux 5 and 6The Red Hat Security Response Team has rated this update as havingimportant secur ...

Synopsis Low: Red Hat Network Satellite server IBM Java Runtime security update Type/Severity Security Advisory: Low Topic Updated java-160-ibm packages that fix several security issues are nowavailable for Red Hat Network Satellite Server 54The Red Hat Security Response Team has rated this update as ha ...

NVD-CWE-noinfo http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html http://rhn.redhat.com/errata/RHSA-2013-0237.html http://rhn.redhat.com/errata/RHSA-2013-0236.html http://www.us-cert.gov/cas/techalerts/TA13-032A.html http://www.kb.cert.org/vuls/id/858729 http://rhn.redhat.com/errata/RHSA-2013-0245.html http://rhn.redhat.com/errata/RHSA-2013-0247.html http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS http://rhn.redhat.com/errata/RHSA-2013-0246.html https://bugzilla.redhat.com/show_bug.cgi?id=906900 http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/6527ae06da69 http://marc.info/?l=bugtraq&m=136439120408139&w=2 http://marc.info/?l=bugtraq&m=136570436423916&w=2 http://marc.info/?l=bugtraq&m=136733161405818&w=2 http://rhn.redhat.com/errata/RHSA-2013-1455.html http://rhn.redhat.com/errata/RHSA-2013-1456.html https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056 http://www.mandriva.com/security/advisories?name=MDVSA-2013:095 http://www.securityfocus.com/bid/57689 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19372 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19304 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19282 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16680 https://usn.ubuntu.com/1724-1/https://nvd.nist.gov https://www.kb.cert.org/vuls/id/858729

Get Started

CVE-2013-0445

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect