[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2013-5893Date: (C)2014-01-15   (M)2023-12-22


Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 9.3
Exploit Score: 8.6
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
OSVDB-102000
SECTRACK-1029608
SECUNIA-56432
SECUNIA-56485
SECUNIA-56486
SECUNIA-56535
BID-64758
BID-64863
RHSA-2014:0026
RHSA-2014:0027
RHSA-2014:0030
SSRT101454
USN-2089-1
http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/839100e42498
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
https://bugzilla.redhat.com/show_bug.cgi?id=1051549
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777
openSUSE-SU-2014:0174
openSUSE-SU-2014:0177
openSUSE-SU-2014:0180

OVAL    10
oval:org.secpod.oval:def:203013
oval:org.secpod.oval:def:203012
oval:org.secpod.oval:def:1600184
oval:org.secpod.oval:def:1500354
...

© SecPod Technologies