Mandriva Linux Security Advisory 2013-095 - Two improper permission check issues were discovered in the reflection API in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Multiple improper permission check issues were discovered in the AWT, CORBA, JMX, Libraries, and Beans components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Various other issues were also addressed.
45b414ad1d7bafe7ea541cbe9a5e727f7af41ca7e2b60153b3a757f05bea9ebeRed Hat Security Advisory 2013-0624-01 - IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
1aa3a61ce84d8dfe3989766a7d64b1570da3b7bf518c863cc35cbbfe38e7ca3dUbuntu Security Notice 1724-1 - Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to cause a denial of service. Various other issues were also addressed.
6218f8f57e733bdd2f7a60a804b1864c5be41bdd2813a63ae483e8c9a247a0ceMandriva Linux Security Advisory 2013-010 - Multiple security issues were identified and fixed in OpenJDK. The updated packages provides icedtea6-1.11.6 which is not vulnerable to these issues.
c969e5649ff8c0438fc75c05091dea0b22ca3f91072532f86108cdc5f23005c4Red Hat Security Advisory 2013-0247-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple improper permission check issues were discovered in the AWT, CORBA, JMX, Libraries, and Beans components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Multiple flaws were found in the way image parsers in the 2D and AWT components handled image raster parameters. A specially-crafted image could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the virtual machine privileges.
678a54c1664ff770debd05c63bc8a176ff587c26ee8b015579c7f532bd183e1eRed Hat Security Advisory 2013-0246-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. Multiple improper permission check issues were discovered in the AWT, CORBA, JMX, and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Multiple flaws were found in the way image parsers in the 2D and AWT components handled image raster parameters. A specially-crafted image could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the virtual machine privileges.
10735290a5dc676969d2a7a69436018db9cd0828c0b7a99c367762c523762e05Red Hat Security Advisory 2013-0245-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. Multiple improper permission check issues were discovered in the AWT, CORBA, JMX, and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Multiple flaws were found in the way image parsers in the 2D and AWT components handled image raster parameters. A specially-crafted image could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the virtual machine privileges.
b041e0c6ea0f048ebb989257b4fde9f81f4d30bca7362956d7da0fe1c10975acThis is an archive that houses all of the proof of concept code for the issues affecting Java SE as reported in SE-2012-01 by Security Explorations.
29990bedc5aaf8fec7315dabd3c309b9e55195b778db471fd572429d9a0d9159These are the technical details surrounding security issues reported by Security Explorations to Oracle and addressed in the Feb 2013 SE CPU update.
ccd58e7acc715c85b1b15f83532e23d25e3fd385be0fae2a1ca2e5abcde6cd00
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed