PT-2013-1342 · Oracle+3 · Java Runtime Environment+4

Kafeine

Published

2013-01-10

Updated

2025-03-13

CVE-2013-0422

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Java Runtime Environment (affected versions not specified)

Description The issue is related to the getMBeanInstantiator method in the JmxMBeanServer class of the Java Runtime Environment, which is associated with access control weaknesses. Exploitation of this issue may allow a remote attacker to execute arbitrary code.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264CWE-284

Related Identifiers

BDU:2022-03304

CESA-2013_0165

CVE-2013-0422

ELSA-2013-0165

OPENSUSE-SU-2013_0199-1

OPENSUSE-SU-2024:10534-1

RHSA-2013:0156

RHSA-2013:0165

RHSA-2013:0626

RHSA-2013_0156

RHSA-2013_0165

RHSA-2013_0626

Affected Products

Centos

Java Platform

Java Runtime Environment

Red Hat

Suse

PT-2013-1342 · Oracle+3 · Java Runtime Environment+4

CVE-2013-0422

Weakness Enumeration

Related Identifiers

Affected Products

References · 341