PT-2013-2328 · Oracle+4 · Java Runtime Environment+6

Stefan Cornelius

·

Publicado

2013-02-01

·

Atualizado

2024-06-15

·

CVE-2013-0433

CVSS v2.0

5.0

Média

VetorAV:N/AC:L/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions Java Runtime Environment (JRE) versions 5.0 through Update 38 Java Runtime Environment (JRE) versions 6 through Update 38 Java Runtime Environment (JRE) versions 7 through Update 11 OpenJDK versions 6 and 7
Description The issue affects the integrity of the system via unknown vectors related to Networking. It is reported that this issue may allow remote attackers to avoid triggering an exception during the deserialization of invalid InetSocketAddress data.
Recommendations For Java Runtime Environment (JRE) versions 5.0 through Update 38, update to a version later than Update 38. For Java Runtime Environment (JRE) versions 6 through Update 38, update to a version later than Update 38. For Java Runtime Environment (JRE) versions 7 through Update 11, update to a version later than Update 11. For OpenJDK versions 6 and 7, consider upgrading to a newer version that may include fixes for this issue. As a temporary workaround, consider restricting access to networking components until a patch is available.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Identificadores relacionados

CESA-2013_0245
CESA-2013_0247
CVE-2013-0433
HPSBUX02857
HPSBUX02864
OPENSUSE-SU-2013_0308-1
OPENSUSE-SU-2013_0312-1
OPENSUSE-SU-2013_0377-1
OPENSUSE-SU-2024:10534-1
RHSA-2013:0236
RHSA-2013:0237
RHSA-2013:0245
RHSA-2013:0246
RHSA-2013:0247
RHSA-2013:0624
RHSA-2013:0625
RHSA-2013:0626
RHSA-2013:1455
RHSA-2013:1456
RHSA-2013_0236
RHSA-2013_0237
RHSA-2013_0245
RHSA-2013_0246
RHSA-2013_0247
RHSA-2013_0624
RHSA-2013_0625
RHSA-2013_0626

Produtos afetados

Centos
Hp-Ux
Java Platform
Java Runtime Environment
Openjdk
Red Hat
Suse