CVE-2013-0809

Published: 04 March 2013

Unspecified vulnerability in the 2D component in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-1493.

Priority

Medium

Status

Package Release Status
openjdk-6
Launchpad, Ubuntu, Debian
Upstream Pending
(6b27-1.12.4)
Patches:
Upstream: http://icedtea.classpath.org/hg/release/icedtea6-1.12/rev/abc301613e43 (8007014.patch)
openjdk-6b18
Launchpad, Ubuntu, Debian
Upstream Needs triage

openjdk-7
Launchpad, Ubuntu, Debian
Upstream Pending
(7u15-2.3.8)

Notes

AuthorNote
mdeslaur
in lucid+, NetX and the plugin moved to the icedtea-web package
jdstrand
sun-java6 is not redistributable, no longer in the archive and
no longer tracked
sun-java5 is EOL upstream and no longer tracked
as of 2013-03-05, no patches for openjdk-7

References