ELSA-2013-0770 Important: Oracle Linux java-1.6.0-openjdk security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | April 17, 2013 | April 26, 2013 | July 04, 2017 |
Available Exploits 
Description
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to bypassing the Java sandbox using "method handle intrinsic frames."
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities
References
- APPLE-APPLE-SA-2013-04-16-2
- BID-59131
- BID-59159
- BID-59166
- BID-59179
- BID-59190
- CERT-TA13-107A
- CVE-2013-0401
- CVE-2013-1488
- CVE-2013-1518
- CVE-2013-1537
- CVE-2013-1557
- CVE-2013-1558
- CVE-2013-1569
- CVE-2013-2383
- CVE-2013-2384
- CVE-2013-2415
- CVE-2013-2417
- CVE-2013-2419
- CVE-2013-2420
- CVE-2013-2421
- CVE-2013-2422
- CVE-2013-2424
- CVE-2013-2426
- CVE-2013-2429
- CVE-2013-2430
- CVE-2013-2431
- OVAL-OVAL15708
- OVAL-OVAL16011
- OVAL-OVAL16258
- OVAL-OVAL16297
- OVAL-OVAL16314
- OVAL-OVAL16410
- OVAL-OVAL16446
- OVAL-OVAL16511
- OVAL-OVAL16527
- OVAL-OVAL16543
- OVAL-OVAL16549
- OVAL-OVAL16561
- OVAL-OVAL16564
- OVAL-OVAL16578
- OVAL-OVAL16597
- OVAL-OVAL16683
- OVAL-OVAL16688
- OVAL-OVAL16697
- OVAL-OVAL16702
- OVAL-OVAL19087
- OVAL-OVAL19107
- OVAL-OVAL19158
- OVAL-OVAL19203
- OVAL-OVAL19291
- OVAL-OVAL19294
- OVAL-OVAL19327
- OVAL-OVAL19341
- OVAL-OVAL19354
- OVAL-OVAL19385
- OVAL-OVAL19386
- OVAL-OVAL19451
- OVAL-OVAL19463
- OVAL-OVAL19524
- OVAL-OVAL19526
- OVAL-OVAL19536
- OVAL-OVAL19549
- OVAL-OVAL19550
- OVAL-OVAL19556
- OVAL-OVAL19570
- OVAL-OVAL19594
- OVAL-OVAL19641
- OVAL-OVAL19656
- OVAL-OVAL19672
- OVAL-OVAL19704
- OVAL-OVAL19705
- OVAL-OVAL19715
- OVAL-OVAL19725
- REDHAT-RHSA-2013:0752
- REDHAT-RHSA-2013:0757
- REDHAT-RHSA-2013:0758
- REDHAT-RHSA-2013:1455
- REDHAT-RHSA-2013:1456
- URL: http://oss.oracle.com/pipermail/el-errata/2013-April/003432.html
- URL: http://oss.oracle.com/pipermail/el-errata/2013-April/003439.html
Solution Reference
Java Security UpdateSolution
oracle-linux-upgrade-java-1-6-0-openjdkRelated Vulnerabilities
- Java CPU April 2013 Java Runtime Environment RMI vulnerability (CVE-2013-1537)
- Oracle Solaris 11: CVE-2013-2422: Vulnerability in Java 6, Java 7
- Apple Java security update for CVE-2013-2422
- Alpine Linux: CVE-2013-2419: Multiple vulnerabilities in openjdk6 < 1.11.10 allows remote code execution
- Amazon Linux AMI: Security patch for java-1.6.0-openjdk (ALAS-2013-185) (multiple CVEs)
- SUSE Linux Security Vulnerability: CVE-2013-2429
- Alpine Linux: CVE-2013-2430: Multiple vulnerabilities in openjdk6 < 1.11.10 allows remote code execution
- Gentoo Linux: CVE-2013-1488: Oracle JRE/JDK: Multiple vulnerabilities
- SUSE Linux Security Vulnerability: CVE-2013-1569
- RHSA-2013:0855: java-1.5.0-ibm security update
- Alpine Linux: CVE-2013-2426: Multiple vulnerabilities in openjdk6 < 1.11.10 allows remote code execution
- Gentoo Linux: CVE-2013-2421: Oracle JRE/JDK: Multiple vulnerabilities
- Gentoo Linux: CVE-2013-2420: Oracle JRE/JDK: Multiple vulnerabilities
- Alpine Linux: CVE-2013-2417: Multiple vulnerabilities in openjdk6 < 1.11.10 allows remote code execution
- SUSE Linux Security Vulnerability: CVE-2013-2415
- HP-UX: CVE-2013-2430: Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- Alpine Linux: CVE-2013-2383: Multiple vulnerabilities in openjdk6 < 1.11.10 allows remote code execution
- Java CPU April 2013 Java Runtime Environment 2D vulnerability (CVE-2013-2420)
- RHSA-2013:0757: java-1.7.0-oracle security update
- Apple Java security update for CVE-2013-2420
- Java CPU April 2013 Java Runtime Environment JAX-WS vulnerability (CVE-2013-2415)
- Alpine Linux: CVE-2013-2431: Multiple vulnerabilities in openjdk6 < 1.11.10 allows remote code execution
- Oracle Solaris 11: CVE-2013-2430: Vulnerability in Java 6, Java 7
- Alpine Linux: CVE-2013-1537: Multiple vulnerabilities in openjdk6 < 1.11.10 allows remote code execution
- Gentoo Linux: CVE-2013-2429: Oracle JRE/JDK: Multiple vulnerabilities
- Oracle Solaris 11: CVE-2013-2420: Vulnerability in Java 6, Java 7
- HP-UX: CVE-2013-2424: Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- Java CPU April 2013 Java Runtime Environment Networking vulnerability (CVE-2013-2417)
- Oracle Solaris 11: CVE-2013-2419: Vulnerability in Java 6, Java 7, Localization (L10N)
- Java CPU April 2013 Java Runtime Environment 2D vulnerability (CVE-2013-2384)
- HP-UX: CVE-2013-2422: Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- Gentoo Linux: CVE-2013-1537: Oracle JRE/JDK: Multiple vulnerabilities
- Java CPU April 2013 Java Runtime Environment HotSpot vulnerability (CVE-2013-2421)
- Cent OS: CVE-2013-2384: CESA-2013:0770 (java-1.6.0-openjdk)
- Java CPU April 2013 Java Runtime Environment 2D vulnerability (CVE-2013-2383)
- Alpine Linux: CVE-2013-2415: Multiple vulnerabilities in openjdk6 < 1.11.10 allows remote code execution
- RHSA-2013:0752: java-1.7.0-openjdk security update
- Apple Java security update for CVE-2013-1569
- SUSE Linux Security Vulnerability: CVE-2013-2421
- Apple Java security update for CVE-2013-2424
- SUSE Linux Security Vulnerability: CVE-2013-2422
- Java CPU April 2013 Java Runtime Environment Libraries vulnerability (CVE-2013-1488)
- SUSE Linux Security Vulnerability: CVE-2013-2417
- HP-UX: CVE-2013-1537: Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- Oracle Solaris 11: CVE-2013-1488: Vulnerability in Java 7
- Alpine Linux: CVE-2013-2422: Multiple vulnerabilities in openjdk6 < 1.11.10 allows remote code execution
- SUSE Linux Security Vulnerability: CVE-2013-2420
- Java CPU April 2013 Java Runtime Environment JAXP vulnerability (CVE-2013-1518)
- HP-UX: CVE-2013-2383: Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- HP-UX: CVE-2013-2420: Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- Oracle Solaris 11: CVE-2013-1569: Vulnerability in Java 6, Java 7, Localization (L10N)
- HP-UX: CVE-2013-2419: Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- Gentoo Linux: CVE-2013-1518: Oracle JRE/JDK: Multiple vulnerabilities
- RHSA-2013:0751: java-1.7.0-openjdk security update
- Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 5
- Gentoo Linux: CVE-2013-2422: Oracle JRE/JDK: Multiple vulnerabilities
- Apple Java security update for CVE-2013-1557
- Oracle Solaris 11: CVE-2013-2383: Vulnerability in Java 6, Java 7, Localization (L10N)
- Java CPU April 2013 Java Runtime Environment ImageIO vulnerability (CVE-2013-2429)
- Alpine Linux: CVE-2013-1557: Multiple vulnerabilities in openjdk6 < 1.11.10 allows remote code execution
- Cent OS: CVE-2013-2424: CESA-2013:0770 (java-1.6.0-openjdk)
- ELSA-2013-0751 Critical: Oracle Linux java-1.7.0-openjdk security update
- Alpine Linux: CVE-2013-2429: Multiple vulnerabilities in openjdk6 < 1.11.10 allows remote code execution
- Oracle Solaris 11: CVE-2013-1557: Vulnerability in Java 6, Java 7
- Alpine Linux: CVE-2013-1488: Multiple vulnerabilities in openjdk6 < 1.11.10 allows remote code execution
- Java CPU April 2013 Java Runtime Environment Libraries vulnerability (CVE-2013-2422)
- Apple Java security update for CVE-2013-2419
- Cent OS: CVE-2013-1569: CESA-2013:0770 (java-1.6.0-openjdk)
- Oracle Solaris 11: CVE-2013-0401: Vulnerability in Java 6, Java 7
- RHSA-2013:0823: java-1.6.0-ibm security update
- SUSE Linux Security Vulnerability: CVE-2013-2426
- HP-UX: CVE-2013-1558: Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- Gentoo Linux: CVE-2013-2431: Oracle JRE/JDK: Multiple vulnerabilities
- SUSE Linux Security Vulnerability: CVE-2013-2424
- Alpine Linux: CVE-2013-2420: Multiple vulnerabilities in openjdk6 < 1.11.10 allows remote code execution
- HP-UX: CVE-2013-2417: Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- ELSA-2013-0752 Important: Oracle Linux java-1.7.0-openjdk security update
- Gentoo Linux: CVE-2013-2426: Oracle JRE/JDK: Multiple vulnerabilities
- Oracle Solaris 11: CVE-2013-2431: Vulnerability in Java 7
- HP-UX: CVE-2013-1518: Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- Java CPU April 2013 Java Runtime Environment JMX vulnerability (CVE-2013-2424)
- Apple Java security update for CVE-2013-1537
- RHSA-2013:0758: java-1.6.0-sun security update
- USN-1806-1: OpenJDK 7 vulnerabilities
- SUSE Linux Security Vulnerability: CVE-2013-2383
- Amazon Linux AMI: Security patch for java-1.7.0-openjdk (ALAS-2013-183) (multiple CVEs)
- USN-2522-3: ICU vulnerabilities
- Java CPU April 2013 Java Runtime Environment Libraries vulnerability (CVE-2013-2426)
- HP-UX: CVE-2013-1569: Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
- Oracle Solaris 11: CVE-2013-1558: Vulnerability in Java 6, Java 7
- Cent OS: CVE-2013-2419: CESA-2013:0770 (java-1.6.0-openjdk)
- Oracle Solaris 11: CVE-2013-2426: Vulnerability in Java 7
- Gentoo Linux: CVE-2013-1558: Oracle JRE/JDK: Multiple vulnerabilities
- Alpine Linux: CVE-2013-2424: Multiple vulnerabilities in openjdk6 < 1.11.10 allows remote code execution
- Apple Java security update for CVE-2013-1558
- Java CPU April 2013 Java Runtime Environment Beans vulnerability (CVE-2013-1558)
- Java CPU April 2013 Java Runtime Environment Hotspot vulnerability (CVE-2013-2431)
- Alpine Linux: CVE-2013-1518: Multiple vulnerabilities in openjdk6 < 1.11.10 allows remote code execution
- Gentoo Linux: CVE-2013-2383: Oracle JRE/JDK: Multiple vulnerabilities
- Gentoo Linux: CVE-2013-1569: Oracle JRE/JDK: Multiple vulnerabilities