CVE-2013-1537 in JavaИнформация

Сводка (Английский)

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the default java.rmi.server.useCodebaseOnly setting of false, which allows remote attackers to perform "dynamic class downloading" and execute arbitrary code.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Резервировать

30.01.2013

Раскрытие

17.04.2013

Статус

Подтверждённый

Записи

VulDB provides additional information and datapoints for this CVE:

ИДУязвимостьCWEЭксКонCVE
8268Oracle Java RMI повреждение памяти119Не определеноОфициальное исправлениеCVE-2013-1537

Описание

CPE

CWE

CVSS

Эксплойты

История

Разница

Связать

Разведка угроз

API JSON

API XML

API CSV

Источники

ПредыдущийОбзорДалее

Want to stay up to date on a daily basis?

Enable the mail alert feature now!