CVE-2013-0435

Priority
Description
Unspecified vulnerability in the Java Runtime Environment (JRE) component
in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK
6 and 7, allows remote attackers to affect confidentiality via vectors
related to JAX-WS. NOTE: the previous information is from the February
2013 CPU. Oracle has not commented on claims from another vendor that this
issue is related to improper restriction of com.sun.xml.internal packages
and "Better handling of UI elements."
Assigned-to
doko
Notes
Package
Upstream:pending (6b24-1.11.6, 6b27-1.12.1)
Package
Upstream:needs-triage
Package
Upstream:pending (7u9-2.3.5)
Package
Upstream:ignored (end of life)
Package
Upstream:needs-triage
More Information

Updated: 2019-12-05 21:02:23 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)