PT-2013-1342 · Oracle+3 · Java Runtime Environment+4

Kafeine

Publicado

2013-01-10

Atualizado

2025-03-13

CVE-2013-0422

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Java Runtime Environment (affected versions not specified)

Description The issue is related to the getMBeanInstantiator method in the JmxMBeanServer class of the Java Runtime Environment, which is associated with access control weaknesses. Exploitation of this issue may allow a remote attacker to execute arbitrary code.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264CWE-284

Identificadores relacionados

BDU:2022-03304

CESA-2013_0165

CVE-2013-0422

ELSA-2013-0165

OPENSUSE-SU-2013_0199-1

OPENSUSE-SU-2024:10534-1

RHSA-2013:0156

RHSA-2013:0165

RHSA-2013:0626

RHSA-2013_0156

RHSA-2013_0165

RHSA-2013_0626

Produtos afetados

Centos

Java Platform

Java Runtime Environment

Red Hat

Suse

PT-2013-1342 · Oracle+3 · Java Runtime Environment+4

CVE-2013-0422

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 341