Veracode Vulnerability DatabaseVERACODE:14091Improper Access Control
0.052 Low
EPSS
Percentile
93.0%
OpenJDK is vulnerable to improper access control. The vulnerability exists in the Java Runtime Environment (JRE) component in Oracle Java SE. Remote attackers could affect confidentiality, integrity and availability via unknown vectors related to 2D.
References
blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/
blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/
blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/
blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/
bugs.icu-project.org/trac/ticket/10107
bugs.icu-project.org/trac/ticket/10107
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/6784c9903db7
hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/6784c9903db7
icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.9/NEWS
lists.apple.com/archives/security-announce/2013/Apr/msg00001.html
lists.apple.com/archives/security-announce/2013/Apr/msg00001.html
lists.opensuse.org/opensuse-security-announce/2013-05/msg00007.html
lists.opensuse.org/opensuse-security-announce/2013-05/msg00007.html
lists.opensuse.org/opensuse-security-announce/2013-05/msg00013.html
lists.opensuse.org/opensuse-security-announce/2013-05/msg00013.html
lists.opensuse.org/opensuse-security-announce/2013-06/msg00001.html
lists.opensuse.org/opensuse-security-announce/2013-06/msg00001.html
lists.opensuse.org/opensuse-security-announce/2013-06/msg00007.html
lists.opensuse.org/opensuse-security-announce/2013-06/msg00007.html
lists.opensuse.org/opensuse-updates/2013-05/msg00017.html
lists.opensuse.org/opensuse-updates/2013-05/msg00017.html
lists.opensuse.org/opensuse-updates/2013-06/msg00099.html
lists.opensuse.org/opensuse-updates/2013-06/msg00099.html
mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html
mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html
marc.info/?l=bugtraq&m=137283787217316&w=2
marc.info/?l=bugtraq&m=137283787217316&w=2
rhn.redhat.com/errata/RHSA-2013-0752.html
rhn.redhat.com/errata/RHSA-2013-0752.html
rhn.redhat.com/errata/RHSA-2013-0757.html
rhn.redhat.com/errata/RHSA-2013-0757.html
rhn.redhat.com/errata/RHSA-2013-0758.html
rhn.redhat.com/errata/RHSA-2013-0758.html
rhn.redhat.com/errata/RHSA-2013-1455.html
rhn.redhat.com/errata/RHSA-2013-1455.html
rhn.redhat.com/errata/RHSA-2013-1456.html
rhn.redhat.com/errata/RHSA-2013-1456.html
security.gentoo.org/glsa/glsa-201406-32.xml
security.gentoo.org/glsa/glsa-201406-32.xml
site.icu-project.org/download/51#TOC-Known-Issues
site.icu-project.org/download/51#TOC-Known-Issues
www.mandriva.com/security/advisories?name=MDVSA-2013:145
www.mandriva.com/security/advisories?name=MDVSA-2013:145
www.mandriva.com/security/advisories?name=MDVSA-2013:161
www.mandriva.com/security/advisories?name=MDVSA-2013:161
www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
www.securityfocus.com/bid/59166
www.securityfocus.com/bid/59166
www.ubuntu.com/usn/USN-1806-1
www.ubuntu.com/usn/USN-1806-1
www.us-cert.gov/ncas/alerts/TA13-107A
www.us-cert.gov/ncas/alerts/TA13-107A
access.redhat.com/security/updates/classification/#critical
bugzilla.redhat.com/show_bug.cgi?id=952711
bugzilla.redhat.com/show_bug.cgi?id=952711
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16697
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16697
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19327
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19327
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19556
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19556
rhn.redhat.com/errata/RHSA-2013-0751.html
wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124
wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124
wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130
wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130
Related
