CVE-2013-0433

Priority
Description
Unspecified vulnerability in the Java Runtime Environment (JRE) component
in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through
Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity
via unknown vectors related to Networking. NOTE: the previous information
is from the February 2013 CPU. Oracle has not commented on claims from
another vendor that this issue allows remote attackers to avoid triggering
an exception during the deserialization of invalid InetSocketAddress data.
Assigned-to
doko
Notes
Package
Upstream:pending (6b24-1.11.6, 6b27-1.12.1)
Package
Upstream:needs-triage
Package
Upstream:pending (7u9-2.3.5)
Package
Upstream:ignored (end of life)
Package
Upstream:needs-triage
More Information

Updated: 2019-12-05 21:02:23 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)