PT-2013-3752 · Openjdk+5 · Openjdk+6

Stefan Cornelius

·

Publicado

2013-04-17

·

Atualizado

2024-06-15

·

CVE-2013-2417

CVSS v2.0

5.0

Média

VetorAV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 7 Update 17 and earlier Oracle Java SE versions 6 Update 43 and earlier Oracle Java SE versions 5.0 Update 41 and earlier OpenJDK versions 6 and 7
Description The issue allows remote attackers to affect availability via unknown vectors related to Networking. There are claims that this issue might be related to an information leak involving InetAddress serialization, but this has not been confirmed by Oracle.
Recommendations For Oracle Java SE versions 7 Update 17 and earlier, update to a version later than Update 17. For Oracle Java SE versions 6 Update 43 and earlier, update to a version later than Update 43. For Oracle Java SE versions 5.0 Update 41 and earlier, update to a version later than Update 41. For OpenJDK versions 6 and 7, consider restricting access to networking components until a patch is available.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Identificadores relacionados

CESA-2013_0751
CESA-2013_0770
CVE-2013-2417
HPSBUX02889
HPSBUX02922
OPENSUSE-SU-2024:10534-1
RHSA-2013:0751
RHSA-2013:0752
RHSA-2013:0757
RHSA-2013:0758
RHSA-2013:0770
RHSA-2013:0822
RHSA-2013:0823
RHSA-2013:0855
RHSA-2013:1455
RHSA-2013:1456
RHSA-2013_0751
RHSA-2013_0752
RHSA-2013_0757
RHSA-2013_0758
RHSA-2013_0770
RHSA-2013_0822
RHSA-2013_0823
RHSA-2013_0855

Produtos afetados

Centos
Hp-Ux
Java Platform
Java Se
Openjdk
Red Hat
Suse