PT-2013-2339 · Oracle+4 · Oracle Java Se+6

Tomas Hoger

Publicado

2013-02-01

Atualizado

2024-06-15

CVE-2013-0444

CVSS v2.0

7.6

Alta

Vetor

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 7 through Update 11 OpenJDK 7

Description The issue allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. It is reportedly related to insufficient checks for cached results by the Java Beans MethodFinder, which might allow attackers to access methods that should only be accessible to privileged code.

Recommendations For Oracle Java SE versions 7 through Update 11, update to a version later than Update 11. For OpenJDK 7, consider disabling the Java Beans MethodFinder as a temporary workaround until a patch is available.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CESA-2013_0247

CVE-2013-0444

HPSBUX02857

OPENSUSE-SU-2013_0377-1

OPENSUSE-SU-2024:10534-1

RHSA-2013:0237

RHSA-2013:0247

RHSA-2013:0626

RHSA-2013_0237

RHSA-2013_0247

RHSA-2013_0626

Produtos afetados

Centos

Hp-Ux

Java Platform

Openjdk

Oracle Java Se

Red Hat

Suse

PT-2013-2339 · Oracle+4 · Oracle Java Se+6

CVE-2013-0444

Identificadores relacionados

Produtos afetados

Referências · 457