CVE Reference: CVE-2013-1500

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2013-1500

Description:
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows local users to affect confidentiality and integrity via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to weak permissions for shared memory.

CVE Status:
Candidate

References:

SUSE
  http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html
  http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html
  http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html
  http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html

SAID
  Secunia Advisory: SA54154

REDHAT
  http://rhn.redhat.com/errata/RHSA-2013-1059.html
  http://rhn.redhat.com/errata/RHSA-2013-1456.html
  http://rhn.redhat.com/errata/RHSA-2013-1455.html
  http://rhn.redhat.com/errata/RHSA-2013-1060.html
  http://rhn.redhat.com/errata/RHSA-2013-1081.html
  http://rhn.redhat.com/errata/RHSA-2013-0963.html

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:17221
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:19663
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:19726

MISC
  http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/1111f9acb96b

MANDRIVA
  http://www.mandriva.com/security/advisories?name=MDVSA-2013:183

HP
  http://marc.info/?l=bugtraq&m=137545592101387&w=2
  http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880

GENTOO
  http://security.gentoo.org/glsa/glsa-201406-32.xml

CONFIRM
  http://advisories.mageia.org/MGASA-2013-0185.html
  http://www-01.ibm.com/support/docview.wss?uid=swg21644197
  http://www-01.ibm.com/support/docview.wss?uid=swg21642336
  http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=975148
  http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html

CERT
  http://www.us-cert.gov/ncas/alerts/TA13-169A


Return to the previous page.