PT-2013-2330 · Openjdk+5 · Openjdk+6

Publicado

2013-02-01

·

Atualizado

2024-06-15

·

CVE-2013-0435

CVSS v2.0

5.0

Média

VetorAV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 6 through Update 38 Oracle Java SE versions 7 through Update 11 OpenJDK versions 6 and 7
Description The issue affects confidentiality and is related to vectors in JAX-WS. There are claims that it may be related to improper restriction of com.sun.xml.internal packages and better handling of UI elements.
Recommendations For Oracle Java SE versions 6 through Update 38, update to a version later than Update 38. For Oracle Java SE versions 7 through Update 11, update to a version later than Update 11. For OpenJDK versions 6 and 7, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to JAX-WS components until a patch is available.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Identificadores relacionados

CESA-2013_0245
CESA-2013_0247
CVE-2013-0435
HPSBUX02857
HPSBUX02864
OPENSUSE-SU-2013_0308-1
OPENSUSE-SU-2013_0312-1
OPENSUSE-SU-2013_0377-1
OPENSUSE-SU-2024:10534-1
RHSA-2013:0236
RHSA-2013:0237
RHSA-2013:0245
RHSA-2013:0246
RHSA-2013:0247
RHSA-2013:0625
RHSA-2013:0626
RHSA-2013:1455
RHSA-2013:1456
RHSA-2013_0236
RHSA-2013_0237
RHSA-2013_0245
RHSA-2013_0246
RHSA-2013_0247
RHSA-2013_0625
RHSA-2013_0626

Produtos afetados

Centos
Hp-Ux
Java Platform
Java Se
Openjdk
Red Hat
Suse