CVE-2013-0409
Published: 1 February 2013
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38 allows remote attackers to affect confidentiality via vectors related to JMX.
Notes
| Author | Note |
|---|---|
| jdstrand | http://rhn.redhat.com/errata/RHSA-2013-0237.html states this is Oracle JDK only, but based on Oracle advisory we claimed it was fixed in https://ubuntu.com/security/notices/USN-1724-1. |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
openjdk-6 Launchpad, Ubuntu, Debian |
hardy |
Released
(6b27-1.12.3-0ubuntu1~08.04.1)
|
| lucid |
Released
(6b27-1.12.1-2ubuntu0.10.04.2)
|
|
| oneiric |
Released
(6b27-1.12.1-2ubuntu0.11.10.2)
|
|
| precise |
Released
(6b27-1.12.1-2ubuntu0.12.04.2)
|
|
| quantal |
Released
(6b27-1.12.1-2ubuntu0.12.10.2)
|
|
| upstream |
Released
(6b27-1.12.1)
|
|
|
openjdk-7 Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
| lucid |
Does not exist
|
|
| oneiric |
Released
(7u13-2.3.6-0ubuntu0.11.10.2)
|
|
| precise |
Released
(7u13-2.3.6-0ubuntu0.12.04.1)
|
|
| quantal |
Released
(7u13-2.3.6-0ubuntu0.12.10.1)
|
|
| upstream |
Released
(7u9-2.3.5)
|
References
- http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html
- http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-February/021708.html
- http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-February/021728.html
- https://ubuntu.com/security/notices/USN-1724-1
- https://www.cve.org/CVERecord?id=CVE-2013-0409
- NVD
- Launchpad
- Debian