CVE-2013-2453
OpenJDK: MBeanServer Introspector package access (JMX, 8008124)
Severity Score
Exploit Likelihood
Affected Versions
110Public Exploits
0Exploited in Wild
-Decision
Descriptions
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to a missing check for "package access" by the MBeanServer Introspector.
La vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Java SE versión 7 Update 21 y anteriores y versión 6 Update 45 y anteriores de Oracle, permite a los atacantes remotos afectar a la integridad por medio de vectores relacionados con JMX. NOTA: la información previa es de la CPU de junio de 2013. Oracle no ha comentado sobre las afirmaciones de otro proveedor de que este problema se debe a una falta de comprobación para el "package access" por parte del Introspector de MBeanServer.
Updated java-1.7.0-openjdk packages fix multiple security vulnerabilities. Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. Integer overflow flaws were found in the way AWT processed certain input. An attacker could use these flaws to execute arbitrary code with the privileges of the user running an untrusted Java applet or application. Various other issues were addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2013-03-05 CVE Reserved
- 2013-06-18 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (26)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|