PT-2013-3182 · Oracle+5 · Oracle Java Se+6

Publicado

2013-06-18

·

Atualizado

2024-06-15

·

CVE-2013-1500

CVSS v2.0

3.6

Baixa

VetorAV:L/AC:L/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 7 Update 21 and earlier Oracle Java SE versions 6 Update 45 and earlier Oracle Java SE versions 5.0 Update 45 and earlier OpenJDK 7
Description The issue affects confidentiality and integrity, allowing local users to exploit it via unknown vectors related to 2D. There are claims that this issue might be related to weak permissions for shared memory, but Oracle has not commented on these claims.
Recommendations For Oracle Java SE versions 7 Update 21 and earlier, update to a version later than Update 21. For Oracle Java SE versions 6 Update 45 and earlier, update to a version later than Update 45. For Oracle Java SE versions 5.0 Update 45 and earlier, update to a version later than Update 45. For OpenJDK 7, consider applying security patches or configuration changes as recommended by the vendor to mitigate the risk.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Identificadores relacionados

CESA-2013_0957
CESA-2013_1014
CVE-2013-1500
DSA-2722-1
DSA-2727-1
HPSBUX02908
HPSBUX02922
MGASA-2013-0185
MGASA-2013-0208
OPENSUSE-SU-2024:10534-1
RHSA-2013:0957
RHSA-2013:0958
RHSA-2013:0963
RHSA-2013:1014
RHSA-2013:1059
RHSA-2013:1060
RHSA-2013:1081
RHSA-2013:1455
RHSA-2013:1456
RHSA-2013_0957
RHSA-2013_0958
RHSA-2013_0963
RHSA-2013_1014
RHSA-2013_1059
RHSA-2013_1060
RHSA-2013_1081
RHSA-2014:0414
RHSA-2014_0414
SUSE-SU-2013_1238-1
SUSE-SU-2013_1254-1
SUSE-SU-2013_1255-1
SUSE-SU-2013_1255-2
SUSE-SU-2013_1255-3
SUSE-SU-2013_1257-1
SUSE-SU-2013_1263-1
SUSE-SU-2013_1263-2
SUSE-SU-2013_1264-1
SUSE-SU-2013_1305-1

Produtos afetados

Centos
Hp-Ux
Java Platform
Openjdk
Oracle Java Se
Red Hat
Suse