CVSS: 10.0EPSS: 94%CPEs: 188EXPL: 0CVE-2013-2469 – Oracle Java CMMImageLayout Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2469
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image layout verification" in 2D. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Java SE versión 7 Update 21 y anteriores, versión 6 Update 45 y anteriores, y versión 5.0 Update 45 y anteriores, y OpenJDK versión 7 de Oracle, permite a los atacantes remotos afectar la confidencialidad, integridad y disponibilidad por medio de vectores desconocidos relacionados con 2D. NOTA: la información previa es de la CPU de junio de 2013. • http://advisories.mageia.org/MGASA-2013-0185.html http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=975120 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880 http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/64055b403176 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html http://lists.opensuse •
CVSS: 10.0EPSS: 88%CPEs: 188EXPL: 1CVE-2013-2470 – Oracle Java AWT Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2470
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "ImagingLib byte lookup processing." Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Java SE versión 7 Update 21 y anteriores, versión 6 Update 45 y anteriores, y versión 5.0 Update 45 y anteriores, y OpenJDK versión 7 de Oracle, permite a los atacantes remotos afectar la confidencialidad, integridad y disponibilidad por medio de vectores desconocidos relacionados con 2D. NOTA: la información previa es de la CPU de junio de 2013. • https://www.exploit-db.com/exploits/28050 http://advisories.mageia.org/MGASA-2013-0185.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880 http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/89d9ec9e80c1 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html http://lists.opensuse.org/opensuse-se •
CVSS: 10.0EPSS: 94%CPEs: 188EXPL: 0CVE-2013-2471 – Oracle Java IntegerComponentRaster Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2471
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect IntegerComponentRaster size checks." Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 Update 21 y versiones anteriores, 6 Update 45 y versiones anteriores y 5.0 Update 45 y versiones anteriores y OpenJDK 7, permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos relacionados con 2D. NOTA: la información previa es de Junio 2013 CPU. • http://advisories.mageia.org/MGASA-2013-0185.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880 http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/4c3d38927a26 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html http:/&#x •
CVSS: 10.0EPSS: 88%CPEs: 188EXPL: 1CVE-2013-2472 – Oracle Java ShortComponentRaster Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2472
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ShortBandedRaster size checks" in 2D. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 Update 21 y versiones anteriores, 6 Update 45 y versiones anteriores y 5.0 Update 45 y versiones anteriores y OpenJDK 7, permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos relacionados con 2D. NOTA: la información previa es de Junio 2013 CPU. • https://www.exploit-db.com/exploits/28331 http://advisories.mageia.org/MGASA-2013-0185.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880 http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/3cd4bec64e31 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html http://lists.opensuse.org/opensuse-se •
CVSS: 10.0EPSS: 94%CPEs: 188EXPL: 0CVE-2013-2473 – Oracle Java ByteComponentRaster Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2473
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 Update 21 y versiones anteriores, 6 Update 45 y versiones anteriores y 5.0 Update 45 y versiones anteriores y OpenJDK 7, permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos relacionados con 2D. NOTA: la información previa es de Junio 2013 CPU. • http://advisories.mageia.org/MGASA-2013-0185.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880 http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/259d4998ce2f http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html http:/&#x •