CVSS: 10.0EPSS: 88%CPEs: 188EXPL: 1CVE-2013-2470 – Oracle Java AWT Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2470
Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "ImagingLib byte lookup processing." ... Oracle no ha comentado sobre las afirmaciones de otro proveedor de que este problema permite a los atacantes remotos omitir el sandbox de Java por medio de vectores relacionados con el "ImagingLib byte lookup processing". • https://www.exploit-db.com/exploits/28050 http://advisories.mageia.org/MGASA-2013-0185.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880 http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/89d9ec9e80c1 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html http://lists.opensuse.org/opensuse-se •
CVSS: 10.0EPSS: 86%CPEs: 104EXPL: 1CVE-2013-2465 – Oracle Java SE Unspecified Vulnerability
https://notcve.org/view.php?id=CVE-2013-2465
Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D. ... Oracle no ha comentado sobre las afirmaciones de otro proveedor de que este problema permite a los atacantes remotos omitir el sandbox de Java por medio de vectores relacionados con la "Incorrect image attribute verification" en 2D. • https://www.exploit-db.com/exploits/27705 http://advisories.mageia.org/MGASA-2013-0185.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880 http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/2a9c79db0040 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html http://lists.opensuse.org/opensuse-se •
CVSS: 7.6EPSS: 16%CPEs: 188EXPL: 0CVE-2013-2448 – Oracle Java Sequencer Security Manager Bypass Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2448
Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to insufficient "access restrictions" and "robustness of sound classes." ... Oracle no ha comentado sobre las afirmaciones de otro proveedor de que este problema permite a los atacantes remotos omitir el sandbox de Java por medio de vectores relacionados con "access restrictions" insuficientes y "robustness of sound classes". • http://advisories.mageia.org/MGASA-2013-0185.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880 http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/91ce9432f88d http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html http:/&#x •
CVSS: 10.0EPSS: 10%CPEs: 188EXPL: 0CVE-2013-2459 – OpenJDK: Various AWT integer overflow checks (AWT, 8009071)
https://notcve.org/view.php?id=CVE-2013-2459
Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "integer overflow checks." ... Oracle no ha comentado sobre las afirmaciones de otro proveedor de que este problema permite a los atacantes remotos omitir el sandbox de Java por medio de vectores relacionados con "integer overflow checks". • http://advisories.mageia.org/MGASA-2013-0185.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880 http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/c98afec1bf86 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html http:/&#x • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 94%CPEs: 188EXPL: 0CVE-2013-2463 – Oracle Java AWT Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2463
Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image attribute verification" in 2D. ... Oracle no ha comentado sobre las afirmaciones de otro proveedor de que este problema permite a los atacantes remotos omitir el sandbox de Java por medio de vectores relacionados con la "Incorrect image attribute verification" en 2D. ... The issue lies in the ability to bypass validation checks leading to out-of-bounds array accesses. • http://advisories.mageia.org/MGASA-2013-0185.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880 http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/b79d56eee18e http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html http:/&#x •