github - ghsa-5f7g-c4h7-7vv4

ghsa-5f7g-c4h7-7vv4

Vulnerability from github

Published

2022-05-05 02:49

Modified

2022-05-05 02:49

Details

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-1476 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via certain methods that should not be serialized, aka "missing serialization restriction."

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-0441"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-02-02T00:55:00Z",
    "severity": "HIGH"
  },
  "details": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-1476 and CVE-2013-1475.  NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via certain methods that should not be serialized, aka \"missing serialization restriction.\"",
  "id": "GHSA-5f7g-c4h7-7vv4",
  "modified": "2022-05-05T02:49:03Z",
  "published": "2022-05-05T02:49:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0441"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16566"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19266"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19289"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19509"
    },
    {
      "type": "WEB",
      "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056"
    },
    {
      "type": "WEB",
      "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=907458"
    },
    {
      "type": "WEB",
      "url": "http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS"
    },
    {
      "type": "WEB",
      "url": "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba/rev/307ddc7799c7"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00014.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0236.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0237.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0245.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0246.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0247.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
    },
    {
      "type": "WEB",
      "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/858729"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/57692"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA13-032A.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2013-0441

Vulnerability from cvelistv5

Published

2013-02-02 00:00

Modified

2024-08-06 14:25

Severity

Summary

References

URL	Tags
http://security.gentoo.org/glsa/glsa-201406-32.xml	vendor-advisory, x_refsource_GENTOO
http://www.mandriva.com/security/advisories?name=MDVSA-2013:095	vendor-advisory, x_refsource_MANDRIVA
http://marc.info/?l=bugtraq&m=136570436423916&w=2	vendor-advisory, x_refsource_HP
http://www.us-cert.gov/cas/techalerts/TA13-032A.html	third-party-advisory, x_refsource_CERT
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba/rev/307ddc7799c7	x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19509	vdb-entry, signature, x_refsource_OVAL
http://rhn.redhat.com/errata/RHSA-2013-0236.html	vendor-advisory, x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2013-1455.html	vendor-advisory, x_refsource_REDHAT
http://www.kb.cert.org/vuls/id/858729	third-party-advisory, x_refsource_CERT-VN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19289	vdb-entry, signature, x_refsource_OVAL
http://rhn.redhat.com/errata/RHSA-2013-0237.html	vendor-advisory, x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=136439120408139&w=2	vendor-advisory, x_refsource_HP
http://rhn.redhat.com/errata/RHSA-2013-0247.html	vendor-advisory, x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=136733161405818&w=2	vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=136439120408139&w=2	vendor-advisory, x_refsource_HP
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00014.html	vendor-advisory, x_refsource_SUSE
http://www.securityfocus.com/bid/57692	vdb-entry, x_refsource_BID
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16566	vdb-entry, signature, x_refsource_OVAL
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html	vendor-advisory, x_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2013-0246.html	vendor-advisory, x_refsource_REDHAT
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19266	vdb-entry, signature, x_refsource_OVAL
http://rhn.redhat.com/errata/RHSA-2013-1456.html	vendor-advisory, x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=136570436423916&w=2	vendor-advisory, x_refsource_HP
http://rhn.redhat.com/errata/RHSA-2013-0245.html	vendor-advisory, x_refsource_REDHAT
http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html	x_refsource_CONFIRM
http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS	x_refsource_CONFIRM
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=907458	x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=136733161405818&w=2	vendor-advisory, x_refsource_HP
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056	x_refsource_CONFIRM

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website