Candidate: CVE-2013-0431
PublicDate: 2013-01-31 14:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0431
 http://www.informationweek.com/security/application-security/java-hacker-uncovers-two-flaws-in-latest/240146717
 http://seclists.org/fulldisclosure/2013/Jan/195
 http://seclists.org/fulldisclosure/2013/Jan/142
 http://blogs.computerworld.com/malware-and-vulnerabilities/21693/yet-another-java-security-flaw-discovered-number-53
 http://arstechnica.com/security/2013/01/critical-java-vulnerabilies-confirmed-in-latest-version/
 http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html
Description:
 Unspecified vulnerability in the Java Runtime Environment (JRE) component
 in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows user-assisted
 remote attackers to bypass the Java security sandbox via unspecified
 vectors related to JMX, aka "Issue 52," a different vulnerability than
 CVE-2013-1490.
Ubuntu-Description:
Notes:
 mdeslaur> in lucid+, NetX and the plugin moved to the icedtea-web package
 jdstrand> openjdk-6b18 FTBFS on 11.04 (LP: #1043003)
 jdstrand> no fix available as of 2013-02-14
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_openjdk-7:
upstream_openjdk-7: released (7u13-2.3.6)
hardy_openjdk-7: DNE
lucid_openjdk-7: DNE
oneiric_openjdk-7: released (7u13-2.3.6-0ubuntu0.11.10.2)
precise_openjdk-7: released (7u13-2.3.6-0ubuntu0.12.04.1)
quantal_openjdk-7: released (7u13-2.3.6-0ubuntu0.12.10.1)
devel_openjdk-7: released (7u13-2.3.6-1ubuntu1)