CVE-2013-0429
02.02.2013, 00:55
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue involves the creation of a single PresentationManager that is shared across multiple thread groups, which allows remote attackers to bypass Java sandbox restrictions.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| oracle | jre | 1.7.0 |
| oracle | jre | 1.7.0 |
| oracle | jre | 1.7.0 |
| oracle | jre | 1.7.0 |
| oracle | jre | 1.7.0 |
| oracle | jre | 1.7.0 |
| oracle | jre | 1.7.0 |
| oracle | jre | 1.7.0 |
| oracle | jre | 1.7.0 |
| oracle | jre | 1.7.0 |
| oracle | jre | 1.7.0 |
| oracle | jdk | 1.7.0 |
| oracle | jdk | 1.7.0 |
| oracle | jdk | 1.7.0 |
| oracle | jdk | 1.7.0 |
| oracle | jdk | 1.7.0 |
| oracle | jdk | 1.7.0 |
| oracle | jdk | 1.7.0 |
| oracle | jdk | 1.7.0 |
| oracle | jdk | 1.7.0 |
| oracle | jdk | 1.7.0 |
| oracle | jdk | 1.7.0 |
| oracle | jre | 1.6.0 |
| oracle | jre | 1.6.0 |
| oracle | jre | 1.6.0 |
| oracle | jre | 1.6.0 |
| oracle | jre | 1.6.0 |
| oracle | jre | 1.6.0 |
| oracle | jre | 1.6.0 |
| oracle | jre | 1.6.0 |
| oracle | jre | 1.6.0 |
| oracle | jre | 1.6.0 |
| oracle | jre | 1.6.0 |
| oracle | jre | 1.6.0 |
| oracle | jre | 1.6.0 |
| oracle | jre | 1.6.0 |
| oracle | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| sun | jre | 1.6.0 |
| oracle | jdk | 1.6.0 |
| oracle | jdk | 1.6.0 |
| oracle | jdk | 1.6.0 |
| oracle | jdk | 1.6.0 |
| oracle | jdk | 1.6.0 |
| oracle | jdk | 1.6.0 |
| oracle | jdk | 1.6.0 |
| oracle | jdk | 1.6.0 |
| oracle | jdk | 1.6.0 |
| oracle | jdk | 1.6.0 |
| oracle | jdk | 1.6.0 |
| oracle | jdk | 1.6.0 |
| oracle | jdk | 1.6.0 |
| oracle | jdk | 1.6.0 |
| oracle | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| sun | jdk | 1.6.0 |
| oracle | jre | 1.5.0 |
| oracle | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| sun | jre | 1.5.0 |
| oracle | jdk | 1.5.0 |
| oracle | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
| sun | jdk | 1.5.0 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| openjdk-6 |
| ||||||||||
| openjdk-6b18 |
| ||||||||||
| openjdk-7 |
| ||||||||||
| sun-java5 |
| ||||||||||
| sun-java6 |
|
openSUSE / SLES Releases
openSUSE Product | |||||||
|---|---|---|---|---|---|---|---|
| java-1_7_0-openjdk |
| ||||||
| java-1_7_0-openjdk-demo |
| ||||||
| java-1_7_0-openjdk-devel |
| ||||||
| java-1_7_0-openjdk-headless |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||
|---|---|---|---|
| java-1.6.0-openjdk |
| ||
| java-1.6.0-openjdk-demo |
| ||
| java-1.6.0-openjdk-devel |
| ||
| java-1.6.0-openjdk-javadoc |
| ||
| java-1.6.0-openjdk-src |
| ||
| java-1.6.0-sun |
| ||
| java-1.6.0-sun-demo |
| ||
| java-1.6.0-sun-devel |
| ||
| java-1.6.0-sun-jdbc |
| ||
| java-1.6.0-sun-plugin |
| ||
| java-1.6.0-sun-src |
| ||
| java-1.7.0-openjdk |
| ||
| java-1.7.0-openjdk-demo |
| ||
| java-1.7.0-openjdk-devel |
| ||
| java-1.7.0-openjdk-javadoc |
| ||
| java-1.7.0-openjdk-src |
| ||
| java-1.7.0-oracle |
| ||
| java-1.7.0-oracle-devel |
| ||
| java-1.7.0-oracle-javafx |
| ||
| java-1.7.0-oracle-jdbc |
| ||
| java-1.7.0-oracle-plugin |
| ||
| java-1.7.0-oracle-src |
|
References