Mandriva Linux Security Advisory 2013-095 - Two improper permission check issues were discovered in the reflection API in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Multiple improper permission check issues were discovered in the AWT, CORBA, JMX, Libraries, and Beans components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Various other issues were also addressed.
45b414ad1d7bafe7ea541cbe9a5e727f7af41ca7e2b60153b3a757f05bea9ebeRed Hat Security Advisory 2013-0625-01 - IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
1ca66d8c35de0807dc60e9a4a9cf02f2ef07d5d9c872f56c3f2ba4680cca6553Red Hat Security Advisory 2013-0624-01 - IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
1aa3a61ce84d8dfe3989766a7d64b1570da3b7bf518c863cc35cbbfe38e7ca3dApple Security Advisory 2013-02-19-1 - Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41.
efaa78c6307bff18b0f0f70b5b7bddb17aeaa75941096769958b8ee66696c872Ubuntu Security Notice 1724-1 - Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to cause a denial of service. Various other issues were also addressed.
6218f8f57e733bdd2f7a60a804b1864c5be41bdd2813a63ae483e8c9a247a0ceMandriva Linux Security Advisory 2013-010 - Multiple security issues were identified and fixed in OpenJDK. The updated packages provides icedtea6-1.11.6 which is not vulnerable to these issues.
c969e5649ff8c0438fc75c05091dea0b22ca3f91072532f86108cdc5f23005c4Red Hat Security Advisory 2013-0247-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple improper permission check issues were discovered in the AWT, CORBA, JMX, Libraries, and Beans components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Multiple flaws were found in the way image parsers in the 2D and AWT components handled image raster parameters. A specially-crafted image could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the virtual machine privileges.
678a54c1664ff770debd05c63bc8a176ff587c26ee8b015579c7f532bd183e1eRed Hat Security Advisory 2013-0246-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. Multiple improper permission check issues were discovered in the AWT, CORBA, JMX, and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Multiple flaws were found in the way image parsers in the 2D and AWT components handled image raster parameters. A specially-crafted image could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the virtual machine privileges.
10735290a5dc676969d2a7a69436018db9cd0828c0b7a99c367762c523762e05Red Hat Security Advisory 2013-0245-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. Multiple improper permission check issues were discovered in the AWT, CORBA, JMX, and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Multiple flaws were found in the way image parsers in the 2D and AWT components handled image raster parameters. A specially-crafted image could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the virtual machine privileges.
b041e0c6ea0f048ebb989257b4fde9f81f4d30bca7362956d7da0fe1c10975acThis is an archive that houses all of the proof of concept code for the issues affecting Java SE as reported in SE-2012-01 by Security Explorations.
29990bedc5aaf8fec7315dabd3c309b9e55195b778db471fd572429d9a0d9159These are the technical details surrounding security issues reported by Security Explorations to Oracle and addressed in the Feb 2013 SE CPU update.
ccd58e7acc715c85b1b15f83532e23d25e3fd385be0fae2a1ca2e5abcde6cd00Apple Security Advisory 2013-02-01-1 - Multiple vulnerabilities exist in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_39.
c7879672067e4870f87d194d16149752cfcfc59a5ff6d331b4196e503807e190
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed