Novell Home

CVE-2013-0429

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-0429 at MITRE

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue involves the creation of a single PresentationManager that is shared across multiple thread groups, which allows remote attackers to bypass Java sandbox restrictions.

NVD CVSS v2 Base Score: 7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Novell Bugzilla entries: 801972, 803379, 806786

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 11 SP2
  • java-1_6_0-openjdk >= 1.6.0.0_b27.1.12.2-0.2.1
  • java-1_6_0-openjdk-demo >= 1.6.0.0_b27.1.12.2-0.2.1
  • java-1_6_0-openjdk-devel >= 1.6.0.0_b27.1.12.2-0.2.1
Builds
SAT Patch Nr: 7332

© 2014 Novell