PT-2013-3157 · Openjdk+5 · Openjdk+6

Publicado

2012-11-15

·

Atualizado

2024-06-15

·

CVE-2013-1475

CVSS v2.0

10

Alta

VetorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 7 through Update 11 Oracle Java SE versions 6 through Update 38 Oracle Java SE versions 5.0 through Update 38 Oracle Java SE version 1.4.2 40 and earlier OpenJDK versions 6 and 7
Description The issue allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. It is reportedly related to "IIOP type reuse management" in ObjectStreamClass.java, although Oracle has not commented on these claims.
Recommendations For Oracle Java SE versions 7 through Update 11, update to a version later than Update 11. For Oracle Java SE versions 6 through Update 38, update to a version later than Update 38. For Oracle Java SE versions 5.0 through Update 38, update to a version later than Update 38. For Oracle Java SE version 1.4.2 40 and earlier, update to a version later than 1.4.2 40. For OpenJDK versions 6 and 7, update to a version that includes the fix for this issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Identificadores relacionados

CESA-2013_0245
CESA-2013_0247
CVE-2013-1475
HPSBUX02857
HPSBUX02864
OPENSUSE-SU-2013_0308-1
OPENSUSE-SU-2013_0312-1
OPENSUSE-SU-2013_0377-1
OPENSUSE-SU-2024:10534-1
RHSA-2012:1465
RHSA-2012:1466
RHSA-2012:1467
RHSA-2012:1485
RHSA-2012_1465
RHSA-2012_1466
RHSA-2012_1467
RHSA-2013:0236
RHSA-2013:0237
RHSA-2013:0245
RHSA-2013:0246
RHSA-2013:0247
RHSA-2013_0236
RHSA-2013_0237
RHSA-2013_0245
RHSA-2013_0246
RHSA-2013_0247

Produtos afetados

Centos
Hp-Ux
Java Platform
Java Se
Openjdk
Red Hat
Suse