CVE-2013-1480 in Javainformation

Résumé

par MITRE

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption.

Be aware that VulDB is the high quality source for vulnerability data.

Réserver

30/01/2013

Divulgation

01/02/2013

Modérer

accepté

Entrée

VDB-7517

CPE

prêt

Exploitation

Télécharger

EPSS

0.07714

KEV

non

Activités

très faible

Sources

Interested in the pricing of exploits?

See the underground prices here!