PT-2013-3162 · Openjdk+5 · Openjdk+6

Tomas Hoger

Publicado

2013-02-01

Atualizado

2024-06-15

CVE-2013-1480

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 7 through Update 11 Oracle Java SE versions 6 through Update 38 Oracle Java SE versions 5.0 through Update 38 Oracle Java SE version 1.4.2 40 and earlier OpenJDK versions 6 and 7

Description The issue allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. It is reportedly related to insufficient validation of raster parameters in awt parseImage.c, which triggers memory corruption.

Recommendations For Oracle Java SE versions 7 through Update 11, update to a version later than Update 11. For Oracle Java SE versions 6 through Update 38, update to a version later than Update 38. For Oracle Java SE versions 5.0 through Update 38, update to a version later than Update 38. For Oracle Java SE version 1.4.2 40 and earlier, update to a version later than 1.4.2 40. For OpenJDK versions 6 and 7, update to a version that includes the fix for this issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CESA-2013_0245

CESA-2013_0247

CVE-2013-1480

HPSBUX02857

HPSBUX02864

OPENSUSE-SU-2013_0377-1

OPENSUSE-SU-2024:10534-1

RHSA-2013:0236

RHSA-2013:0237

RHSA-2013:0245

RHSA-2013:0246

RHSA-2013:0247

RHSA-2013:0624

RHSA-2013:0625

RHSA-2013:0626

RHSA-2013:1455

RHSA-2013:1456

RHSA-2013_0236

RHSA-2013_0237

RHSA-2013_0245

RHSA-2013_0246

RHSA-2013_0247

RHSA-2013_0624

RHSA-2013_0625

RHSA-2013_0626

ZDI-13-022

Produtos afetados

Centos

Hp-Ux

Java Platform

Java Se

Openjdk

Red Hat

Suse

PT-2013-3162 · Openjdk+5 · Openjdk+6

CVE-2013-1480

Identificadores relacionados

Produtos afetados

Referências · 483