Lucene search
Alin Rad PopZDI-13-070HistoryMay 10, 2013 - 12:00 a.m.
Oracle Java mort TTF Table Ligature Substitution Remote Code Execution Vulnerability
2013-05-1000:00:00
Alin Rad Pop
www.zerodayinitiative.com
28
0.052 Low
EPSS
Percentile
93.0%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the fontmanager native component. There is a vulnerability when processing Ligature Substitution subtables embedded in a “mort” table, which can result in a memory corruption. This allows a malicious applet to execute attacker-supplied code resulting in remote code execution under the context of the current user.
Related
veracode
veracode
Improper Access Control
2019-05-02 04:44:36
openvas
openvas
Fedora Update for pyicu FEDORA-2013-13479
2013-08-08 00:00:00
Fedora Update for icu FEDORA-2013-13523
2013-08-20 00:00:00
Fedora Update for icu FEDORA-2013-13523
2013-08-20 00:00:00
debiancve
debiancve
CVE-2013-2383
2013-04-17 18:55:06
CVE-2013-2384
2013-04-17 18:55:06
fedora
fedora
[SECURITY] Fedora 19 Update: fontmatrix-0.9.99-12.r1218.fc19
2013-07-28 01:14:45
[SECURITY] Fedora 19 Update: icu-50.1.2-7.fc19
2013-07-28 01:14:45
[SECURITY] Fedora 19 Update: openttd-1.3.2-0.2.RC1.fc19
2013-07-28 01:14:45
ubuntucve
ubuntucve
CVE-2013-2384
2013-04-17 00:00:00
CVE-2013-2383
2013-04-17 00:00:00
prion
prion
Design/Logic Flaw
2013-04-17 18:55:00
Design/Logic Flaw
2013-04-17 18:55:00
cve
cve
CVE-2013-2384
2013-04-17 18:55:06
CVE-2013-2383
2013-04-17 18:55:06
cvelist
cvelist
CVE-2013-2383
2013-04-17 15:00:00
CVE-2013-2384
2013-04-17 15:00:00
nessus
nessus
Fedora 19 : fontmatrix-0.9.99-12.r1218.fc19 / icu-50.1.2-7.fc19 / libreoffice-4.1.0.3-2.fc19 / etc (2013-13523)
2013-07-28 00:00:00
Fedora 18 : fontmatrix-0.9.99-9.r1218.fc18 / icu-49.1.1-10.fc18 / libreoffice-3.6.7.2-3.fc18 / etc (2013-13479)
2013-08-05 00:00:00
Debian DSA-3187-1 : icu - security update
2015-03-17 00:00:00
nvd
nvd
CVE-2013-2383
2013-04-17 18:55:06
CVE-2013-2384
2013-04-17 18:55:06
debian
debian
[SECURITY] [DSA 3187-1] icu security update
2015-03-15 05:02:23
[SECURITY] [DLA 219-1] icu security update
2015-05-14 09:45:27
[SECURITY] [DSA 3187-1] icu security update
2015-03-15 05:02:23
ubuntu
ubuntu
ICU vulnerabilities
2015-03-05 00:00:00
ICU vulnerabilities
2015-03-10 00:00:00
ICU regression
2015-03-06 00:00:00
securityvulns
securityvulns
[USN-2522-1] ICU vulnerabilities
2015-03-07 00:00:00
libicu multiple security vulnerabilities
2015-03-07 00:00:00
APPLE-SA-2013-04-16-2 Java for OS X 2013-003 and Mac OS X v10.6 Update 15
2013-04-22 00:00:00
osv
osv
icu - security update
2015-03-15 00:00:00
icu - security update
2015-05-14 00:00:00
suse
suse
Security update for Java 1.4.2 (important)
2013-06-10 18:09:23
Security update for java-1_6_0-openjdk (important)
2013-05-21 20:04:20
Security update for IBM Java (important)
2013-07-02 19:04:22
redhat
redhat
(RHSA-2013:0855) Important: java-1.5.0-ibm security update
2013-05-22 00:00:00
(RHSA-2013:0770) Important: java-1.6.0-openjdk security update
2013-04-24 00:00:00
(RHSA-2013:0751) Critical: java-1.7.0-openjdk security update
2013-04-17 00:00:00
amazon
amazon
Important: java-1.6.0-openjdk
2013-04-25 20:40:00
Critical: java-1.7.0-openjdk
2013-04-18 13:59:00
centos
centos
java security update
2013-04-24 20:56:24
java security update
2013-04-17 22:33:59
java security update
2013-04-17 21:01:08
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2013-04-24 00:00:00
java-1.7.0-openjdk security update
2013-04-17 00:00:00
java-1.7.0-openjdk security update
2013-04-17 00:00:00
ibm
ibm