exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2013-1486

Status Candidate

Overview

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

Related Files

Red Hat Security Advisory 2013-0624-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0624-01 - IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2013-0409, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0440, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0450, CVE-2013-0809, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480, CVE-2013-1481, CVE-2013-1486, CVE-2013-1493
SHA-256 | 1aa3a61ce84d8dfe3989766a7d64b1570da3b7bf518c863cc35cbbfe38e7ca3d
Mandriva Linux Security Advisory 2013-014
Posted Feb 25, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-014 - Multiple security issues were identified and fixed in OpenJDK. MBeanServer access restrictions were added, improved TLS handling of invalid messages, and more.

tags | advisory
systems | linux, mandriva
advisories | CVE-2013-0169, CVE-2013-1486, CVE-2013-1487
SHA-256 | 8ac40eb4b2ce07209ddf331559853b548ca985e61c74804dcf0ddfa8c2e80994
Ubuntu Security Notice USN-1735-1
Posted Feb 22, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1735-1 - Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in OpenSSL was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker could use this issue to perform plaintext-recovery attacks via analysis of timing data. A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 12.10. Various other issues were also addressed.

tags | advisory, remote, denial of service, protocol, info disclosure
systems | linux, ubuntu
advisories | CVE-2013-0169, CVE-2013-1484, CVE-2013-1485, CVE-2013-0169, CVE-2013-1484, CVE-2013-1485, CVE-2013-1486, CVE-2013-1487
SHA-256 | 2261cb93a882de20b7e4c81f5368c093e6bdc017b92efb2dc8c82925d609cdd8
Red Hat Security Advisory 2013-0532-01
Posted Feb 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0532-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. All users of java-1.7.0-oracle are advised to upgrade to these updated packages, which provide Oracle Java 7 Update 15 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2013-0169, CVE-2013-1484, CVE-2013-1485, CVE-2013-1486, CVE-2013-1487
SHA-256 | 715f873e25410bc468e412c2a033bb64beb683efec1499c2641f64dcbd2dd75b
Red Hat Security Advisory 2013-0531-01
Posted Feb 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0531-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes three vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide Oracle Java 6 Update 41. All running instances of Oracle Java must be restarted for the update to take effect.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2013-0169, CVE-2013-1486, CVE-2013-1487
SHA-256 | 02aadfa81bfc8c12143738a124655e974f4700f9e9aebca7ab5638be2cd5ef43
Red Hat Security Advisory 2013-0275-01
Posted Feb 20, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0275-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple improper permission check issues were discovered in the JMX and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. An improper permission check issue was discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2013-0169, CVE-2013-1484, CVE-2013-1485, CVE-2013-1486
SHA-256 | 158967611fc416ac990e91ac6875a316e09285ecee34a665570603958dc51cd6
Red Hat Security Advisory 2013-0274-01
Posted Feb 20, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0274-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. An improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle.

tags | advisory, java, remote, protocol
systems | linux, redhat
advisories | CVE-2013-0169, CVE-2013-1486
SHA-256 | 1c3483b62f9201a000a9a33304c470c2728d668d5254f683b0d4d35038b7b433
Red Hat Security Advisory 2013-0273-01
Posted Feb 20, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0273-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. An improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle.

tags | advisory, java, remote, protocol
systems | linux, redhat
advisories | CVE-2013-0169, CVE-2013-1486
SHA-256 | d539e4d6911cdc8f6a178ebfda088502cb56aa31e26189bdf1c710612c289877
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close