Unspecified vulnerability in the 2D component in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-1493.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Jre | Oracle | * | 1.6.0 (including) |
| Jre | Oracle | 1.6.0-update22 (including) | 1.6.0-update22 (including) |
| Jre | Oracle | 1.6.0-update23 (including) | 1.6.0-update23 (including) |
| Jre | Oracle | 1.6.0-update24 (including) | 1.6.0-update24 (including) |
| Jre | Oracle | 1.6.0-update25 (including) | 1.6.0-update25 (including) |
| Jre | Oracle | 1.6.0-update26 (including) | 1.6.0-update26 (including) |
| Jre | Oracle | 1.6.0-update27 (including) | 1.6.0-update27 (including) |
| Jre | Oracle | 1.6.0-update29 (including) | 1.6.0-update29 (including) |
| Jre | Oracle | 1.6.0-update30 (including) | 1.6.0-update30 (including) |
| Jre | Oracle | 1.6.0-update31 (including) | 1.6.0-update31 (including) |
| Jre | Oracle | 1.6.0-update32 (including) | 1.6.0-update32 (including) |
| Jre | Oracle | 1.6.0-update33 (including) | 1.6.0-update33 (including) |
| Jre | Oracle | 1.6.0-update34 (including) | 1.6.0-update34 (including) |
| Jre | Oracle | 1.6.0-update35 (including) | 1.6.0-update35 (including) |
| Jre | Oracle | 1.6.0-update37 (including) | 1.6.0-update37 (including) |
| Jre | Oracle | 1.6.0-update38 (including) | 1.6.0-update38 (including) |
| Jre | Oracle | 1.6.0-update39 (including) | 1.6.0-update39 (including) |
| Jre | Sun | 1.6.0 (including) | 1.6.0 (including) |
| Jre | Sun | 1.6.0-update_1 (including) | 1.6.0-update_1 (including) |
| Jre | Sun | 1.6.0-update_10 (including) | 1.6.0-update_10 (including) |
| Jre | Sun | 1.6.0-update_11 (including) | 1.6.0-update_11 (including) |
| Jre | Sun | 1.6.0-update_12 (including) | 1.6.0-update_12 (including) |
| Jre | Sun | 1.6.0-update_13 (including) | 1.6.0-update_13 (including) |
| Jre | Sun | 1.6.0-update_14 (including) | 1.6.0-update_14 (including) |
| Jre | Sun | 1.6.0-update_15 (including) | 1.6.0-update_15 (including) |
| Jre | Sun | 1.6.0-update_16 (including) | 1.6.0-update_16 (including) |
| Jre | Sun | 1.6.0-update_17 (including) | 1.6.0-update_17 (including) |
| Jre | Sun | 1.6.0-update_18 (including) | 1.6.0-update_18 (including) |
| Jre | Sun | 1.6.0-update_19 (including) | 1.6.0-update_19 (including) |
| Jre | Sun | 1.6.0-update_2 (including) | 1.6.0-update_2 (including) |
| Jre | Sun | 1.6.0-update_20 (including) | 1.6.0-update_20 (including) |
| Jre | Sun | 1.6.0-update_21 (including) | 1.6.0-update_21 (including) |
| Jre | Sun | 1.6.0-update_3 (including) | 1.6.0-update_3 (including) |
| Jre | Sun | 1.6.0-update_4 (including) | 1.6.0-update_4 (including) |
| Jre | Sun | 1.6.0-update_5 (including) | 1.6.0-update_5 (including) |
| Jre | Sun | 1.6.0-update_6 (including) | 1.6.0-update_6 (including) |
| Jre | Sun | 1.6.0-update_7 (including) | 1.6.0-update_7 (including) |
| Jre | Sun | 1.6.0-update_9 (including) | 1.6.0-update_9 (including) |
| Red Hat Enterprise Linux 5 | RedHat | java-1.7.0-openjdk-1:1.7.0.9-2.3.8.0.el5_9 | * |
| Red Hat Enterprise Linux 5 | RedHat | java-1.6.0-openjdk-1:1.6.0.0-1.36.1.11.9.el5_9 | * |
| Red Hat Enterprise Linux 6 | RedHat | java-1.7.0-openjdk-1:1.7.0.9-2.3.8.0.el6_4 | * |
| Red Hat Enterprise Linux 6 | RedHat | java-1.6.0-openjdk-1:1.6.0.0-1.57.1.11.9.el6_4 | * |
| Red Hat Network Satellite Server v 5.4 | RedHat | java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4 | * |
| Red Hat Network Satellite Server v 5.5 | RedHat | java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4 | * |
| Supplementary for Red Hat Enterprise Linux 5 | RedHat | java-1.7.0-oracle-1:1.7.0.17-1jpp.1.el5_9 | * |
| Supplementary for Red Hat Enterprise Linux 5 | RedHat | java-1.6.0-sun-1:1.6.0.43-1jpp.1.el5_9 | * |
| Supplementary for Red Hat Enterprise Linux 5 | RedHat | java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el5_9 | * |
| Supplementary for Red Hat Enterprise Linux 5 | RedHat | java-1.6.0-ibm-1:1.6.0.13.0-1jpp.2.el5_9 | * |
| Supplementary for Red Hat Enterprise Linux 5 | RedHat | java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el5_9 | * |
| Supplementary for Red Hat Enterprise Linux 6 | RedHat | java-1.7.0-oracle-1:1.7.0.17-1jpp.1.el6_4 | * |
| Supplementary for Red Hat Enterprise Linux 6 | RedHat | java-1.6.0-sun-1:1.6.0.43-1jpp.1.el6_4 | * |
| Supplementary for Red Hat Enterprise Linux 6 | RedHat | java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4 | * |
| Supplementary for Red Hat Enterprise Linux 6 | RedHat | java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4 | * |
| Supplementary for Red Hat Enterprise Linux 6 | RedHat | java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4 | * |
| Openjdk-6 | Ubuntu | hardy | * |
| Openjdk-6 | Ubuntu | lucid | * |
| Openjdk-6 | Ubuntu | oneiric | * |
| Openjdk-6 | Ubuntu | precise | * |
| Openjdk-6 | Ubuntu | quantal | * |
| Openjdk-6 | Ubuntu | upstream | * |
| Openjdk-6b18 | Ubuntu | lucid | * |
| Openjdk-6b18 | Ubuntu | oneiric | * |
| Openjdk-7 | Ubuntu | devel | * |
| Openjdk-7 | Ubuntu | oneiric | * |
| Openjdk-7 | Ubuntu | precise | * |
| Openjdk-7 | Ubuntu | quantal | * |
| Openjdk-7 | Ubuntu | upstream | * |
References
- http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00009.html
- http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00012.html
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.html
- http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-March/022145.html
- http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2
- http://rhn.redhat.com/errata/RHSA-2013-0601.html
- http://rhn.redhat.com/errata/RHSA-2013-0603.html
- http://rhn.redhat.com/errata/RHSA-2013-0604.html
- http://rhn.redhat.com/errata/RHSA-2013-1455.html
- http://rhn.redhat.com/errata/RHSA-2013-1456.html
- http://security.gentoo.org/glsa/glsa-201406-32.xml
- http://www.kb.cert.org/vuls/id/688246
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:095
- http://www.oracle.com/ocom/groups/public/%40otn/documents/webcontent/1915099.xml
- http://www.oracle.com/technetwork/topics/security/alert-cve-2013-1493-1915081.html
- http://www.securityfocus.com/bid/58296
- http://www.ubuntu.com/usn/USN-1755-2
- http://www.us-cert.gov/ncas/alerts/TA13-064A
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19076
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19320
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19479
- https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0088
- http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00009.html
- http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00012.html
- http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.html
- http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-March/022145.html
- http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2
- http://rhn.redhat.com/errata/RHSA-2013-0601.html
- http://rhn.redhat.com/errata/RHSA-2013-0603.html
- http://rhn.redhat.com/errata/RHSA-2013-0604.html
- http://rhn.redhat.com/errata/RHSA-2013-1455.html
- http://rhn.redhat.com/errata/RHSA-2013-1456.html
- http://security.gentoo.org/glsa/glsa-201406-32.xml
- http://www.kb.cert.org/vuls/id/688246
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:095
- http://www.oracle.com/ocom/groups/public/%40otn/documents/webcontent/1915099.xml
- http://www.oracle.com/technetwork/topics/security/alert-cve-2013-1493-1915081.html
- http://www.securityfocus.com/bid/58296
- http://www.ubuntu.com/usn/USN-1755-2
- http://www.us-cert.gov/ncas/alerts/TA13-064A
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19076
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19320
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19479
- https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0088