The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and previous versions, 6 Update 43 and previous versions, 5.0 Update 41 and previous versions, and JavaFX 2.2.7 and previous versions allows remote malicious users to execute arbitrary code via vectors related to 2D, as demonstrated by Joshua Drake during a Pwn2Own competition at CanSecWest 2013.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle jre 1.7.0 |
||
oracle jdk 1.7.0 |