QwikSec

Security Database

CVE

CWE

Training

CVE-2013-2460

Published: Jun 18, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "insufficient access checks" in the tracing component.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_GENTOO

http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/160cde99bb1a

x_refsource_MISC

http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html

x_refsource_CONFIRM

SUSE-SU-2013:1257

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_HP

SUSE-SU-2013:1256

vendor-advisory

x_refsource_SUSE

third-party-advisory

x_refsource_SECUNIA

oval:org.mitre.oval:def:19129

vdb-entry

signature

x_refsource_OVAL

oval:org.mitre.oval:def:17116

vdb-entry

signature

x_refsource_OVAL

third-party-advisory

x_refsource_CERT

http://advisories.mageia.org/MGASA-2013-0185.html

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=975122

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_MANDRIVA

http://www-01.ibm.com/support/docview.wss?uid=swg21642336

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.