Vulnerability & Exploit Database

Back to search

Amazon Linux AMI: Security patch for java-1.7.0-openjdk (ALAS-2013-168) (multiple CVEs)

Severity CVSS Published Added Modified
10 (AV:N/AC:L/Au:N/C:C/I:C/A:C) March 05, 2013 February 28, 2014 July 04, 2017

Available Exploits 

Description

The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

amazon-linux-upgrade-java-1-7-0-openjdk

Related Vulnerabilities