CVE-2013-1478 Information
Description
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" that can trigger an integer overflow and memory corruption.
Reference
http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/d89bd26ac435
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00034.html
http://marc.info/?l=bugtraq&m=136439120408139&w=2
http://marc.info/?l=bugtraq&m=136570436423916&w=2
http://marc.info/?l=bugtraq&m=136733161405818&w=2
http://rhn.redhat.com/errata/RHSA-2013-0236.html
http://rhn.redhat.com/errata/RHSA-2013-0237.html
http://rhn.redhat.com/errata/RHSA-2013-0245.html
http://rhn.redhat.com/errata/RHSA-2013-0246.html
http://rhn.redhat.com/errata/RHSA-2013-0247.html
http://rhn.redhat.com/errata/RHSA-2013-1455.html
http://rhn.redhat.com/errata/RHSA-2013-1456.html
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://www.kb.cert.org/vuls/id/858729
http://www.mandriva.com/security/advisories?name=MDVSA-2013:095
http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html
http://www.securityfocus.com/bid/57686
http://www.us-cert.gov/cas/techalerts/TA13-032A.html
http://www-01.ibm.com/support/docview.wss?uid=swg21645566
https://bugzilla.redhat.com/show_bug.cgi?id=906894
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A15733
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A19429
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A19454
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A19529
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056