Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via vectors related to JDBC. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly restrict access to certain class packages in the SerialJavaObject class, which allows remote attackers to bypass the Java sandbox.
References
Link Resource
http://advisories.mageia.org/MGASA-2013-0185.html
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/ec931d812faa
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html
http://marc.info/?l=bugtraq&m=137545505800971&w=2
http://marc.info/?l=bugtraq&m=137545592101387&w=2
http://rhn.redhat.com/errata/RHSA-2013-0963.html
http://rhn.redhat.com/errata/RHSA-2013-1059.html
http://rhn.redhat.com/errata/RHSA-2013-1060.html
http://rhn.redhat.com/errata/RHSA-2013-1081.html
http://rhn.redhat.com/errata/RHSA-2013-1455.html
http://rhn.redhat.com/errata/RHSA-2013-1456.html
http://secunia.com/advisories/54154
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://www-01.ibm.com/support/docview.wss?uid=swg21642336
http://www.mandriva.com/security/advisories?name=MDVSA-2013:183
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html Vendor Advisory
http://www.securityfocus.com/bid/60650
http://www.us-cert.gov/ncas/alerts/TA13-169A US Government Resource
https://access.redhat.com/errata/RHSA-2014:0414
https://bugzilla.redhat.com/show_bug.cgi?id=975129
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17236
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19237
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19407
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19470
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: oracle

Published: 2013-06-18T22:00:00

Updated: 2018-01-04T19:57:01

Reserved: 2013-03-05T00:00:00


Link: CVE-2013-2454

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2013-06-18T22:55:02.597

Modified: 2022-05-13T14:52:53.890


Link: CVE-2013-2454

JSON object: View

cve-icon Redhat Information

No data.