CVE-2013-0425

Priority
Description
Unspecified vulnerability in the Java Runtime Environment (JRE) component
in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through
Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote
attackers to affect confidentiality, integrity, and availability via
unknown vectors related to Libraries, a different vulnerability than
CVE-2013-0428 and CVE-2013-0426. NOTE: the previous information is from
the February 2013 CPU. Oracle has not commented on claims from another
vendor that this issue is related to incorrect "access control checks" in
the logging API that allow remote attackers to bypass Java sandbox
restrictions.
Assigned-to
doko
Notes
Package
Upstream:pending (6b24-1.11.6, 6b27-1.12.1)
Package
Upstream:needs-triage
Package
Upstream:pending (7u9-2.3.5)
Package
Upstream:ignored (end of life)
Package
Upstream:needs-triage
More Information

Updated: 2019-12-05 21:02:22 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)