CVE-2013-0444 in Java
요약 (영어)
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient checks for cached results" by the Java Beans MethodFinder, which might allow attackers to access methods that should only be accessible to privileged code.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
예약하다
2012. 12. 07.
공개
2013. 02. 01.
상태
확인됨
엔트리
VulDB provides additional information and datapoints for this CVE:
| 아이디 | 취약성 | CWE | 악용 | 대책 | CVE |
|---|---|---|---|---|---|
| 7541 | Oracle Java Beans 크로스 사이트 스크립팅 | 80 | 정의되지 않음 | 공식 수정 | CVE-2013-0444 |