CVE-2013-1475 Information
Description
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 6 through Update 38 5.0 through Update 38 and 1.4.2_40 and earlier and OpenJDK 6 and 7 allows remote attackers to affect confidentiality integrity and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \IIOP type reuse management\ in ObjectStreamClass.java.
Reference
http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba/rev/127e4c348a71 http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html http://marc.info/?l=bugtraq&m=136439120408139&w=2 http://marc.info/?l=bugtraq&m=136570436423916&w=2 http://marc.info/?l=bugtraq&m=136733161405818&w=2 http://rhn.redhat.com/errata/RHSA-2013-0236.html http://rhn.redhat.com/errata/RHSA-2013-0237.html http://rhn.redhat.com/errata/RHSA-2013-0245.html http://rhn.redhat.com/errata/RHSA-2013-0246.html http://rhn.redhat.com/errata/RHSA-2013-0247.html http://security.gentoo.org/glsa/glsa-201406-32.xml http://www.kb.cert.org/vuls/id/858729 http://www.mandriva.com/security/advisories?name=MDVSA-2013:095 http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html http://www.securityfocus.com/bid/57694 http://www.us-cert.gov/cas/techalerts/TA13-032A.html http://www-01.ibm.com/support/docview.wss?uid=swg21631786 https://bugzilla.redhat.com/show_bug.cgi?id=860652 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A16613 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A19238 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A19325 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A19593 https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056
Share on: