OpenJDK 7 Java Runtime Environment and Software Development Kit is susceptible to sandbox restriction bypass. Due to the flaws in ImagingLib and the image attribute, channel, layout and raster processing in the 2D component, it does not prevent an untrusted Java application or applet to trigger Java Virtual Machine memory corruption.
advisories.mageia.org/MGASA-2013-0185.html
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/89d9ec9e80c1
icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.10/NEWS
lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html
lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html
lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html
lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html
lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html
lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html
lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html
marc.info/?l=bugtraq&m=137545505800971&w=2
marc.info/?l=bugtraq&m=137545592101387&w=2
rhn.redhat.com/errata/RHSA-2013-0963.html
rhn.redhat.com/errata/RHSA-2013-1059.html
rhn.redhat.com/errata/RHSA-2013-1060.html
rhn.redhat.com/errata/RHSA-2013-1081.html
rhn.redhat.com/errata/RHSA-2013-1455.html
rhn.redhat.com/errata/RHSA-2013-1456.html
secunia.com/advisories/54154
security.gentoo.org/glsa/glsa-201406-32.xml
www-01.ibm.com/support/docview.wss?uid=swg21642336
www.mandriva.com/security/advisories?name=MDVSA-2013:183
www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
www.securityfocus.com/bid/60651
www.us-cert.gov/ncas/alerts/TA13-169A
access.redhat.com/errata/RHSA-2014:0414
access.redhat.com/security/updates/classification/#critical
bugzilla.redhat.com/show_bug.cgi?id=975099
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16806
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19348
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19517
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19655
rhn.redhat.com/errata/RHBA-2013-0959.html
rhn.redhat.com/errata/RHSA-2013-0957.html