CVE-2013-0444 | Mend Vulnerability Database

Vulnerability DatabaseCVE-2013-0444

CVE-2013-0444

February 02, 2013

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient checks for cached results" by the Java Beans MethodFinder, which might allow attackers to access methods that should only be accessible to privileged code.

Related Resources (16)

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16614

http://marc.info/?l=bugtraq&m=136733161405818&w=2

http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html

http://rhn.redhat.com/errata/RHSA-2013-0237.html

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=907218

http://www.us-cert.gov/cas/techalerts/TA13-032A.html

http://security.gentoo.org/glsa/glsa-201406-32.xml

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19349

http://www.kb.cert.org/vuls/id/858729

https://access.redhat.com/security/cve/CVE-2013-0444

https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056