CVE-2013-1488
08.03.2013, 18:55
The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager, as demonstrated by James Forshaw during a Pwn2Own competition at CanSecWest 2013.
Vendor | Product | Version |
---|---|---|
oracle | jdk | 1.7.0 |
oracle | jre | 1.7.0 |
𝑥
= Vulnerable software versions

Ubuntu Releases
Ubuntu Product | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
openjdk-6 |
| ||||||||||||
openjdk-6b18 |
| ||||||||||||
openjdk-7 |
|
References