PT-2014-2984 · Oracle +4 · Oracle Java SE Embedded +7

Published: 2014-01-15 · Updated: 2024-06-15 · CVE-2013-5893

CVSS v2.0: 9.3 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Oracle Java SE versions 7u45
Oracle Java SE Embedded versions 7u45
OpenJDK 7

Description

The issue allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. It is claimed by third parties that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox.

Recommendations

For Oracle Java SE version 7u45, update to a version that addresses the issue.
For Oracle Java SE Embedded version 7u45, update to a version that addresses the issue.
For OpenJDK 7, update to a version that addresses the issue.
As a temporary workaround, consider restricting access to the MethodHandles in HotSpot JVM to minimize the risk of exploitation.


Related identifiers

CESA-2014_0026
CVE-2013-5893
HPSBUX02972
MGASA-2014-0023
OPENSUSE-SU-2024:10534-1
RHSA-2014:0026
RHSA-2014:0027
RHSA-2014:0030
RHSA-2014_0026
RHSA-2014_0027
RHSA-2014_0030

Affected products

CentOS
HP-UX
Java Platform
OpenJDK
Oracle Java SE
Oracle Java SE Embedded
Red Hat
SUSE