Lucene search
VUPEN Security [ http://www.vupen.com ]ZDI-13-077HistoryMay 10, 2013 - 12:00 a.m.
(Pwn2Own) Oracle Java FLV Parsing Remote Code Execution Vulnerability
2013-05-1000:00:00
VUPEN Security [ http://www.vupen.com ]
www.zerodayinitiative.com
47
EPSS
0.287
Percentile
96.9%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of FLV files. The issue lies in the parsing of a FLV file with two video tags using the On2 VP6 codec. An attacker can leverage this vulnerability to execute code under the context of the current process.
Related
nvd
nvd
cvelist
cvelist
ubuntucve
ubuntucve
cve
cve
prion
prion
Heap overflow
2013-03-08 18:55:00
Design/Logic Flaw
2013-04-17 18:55:00
Design/Logic Flaw
2013-04-17 18:55:00
nessus
nessus
Oracle Java SE Multiple Vulnerabilities (April 2013 CPU)
2013-04-17 00:00:00
Oracle Java SE Multiple Vulnerabilities (April 2013 CPU) (Unix)
2013-04-17 00:00:00
RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2013:0757)
2013-04-19 00:00:00
redhat
redhat
(RHSA-2013:0757) Critical: java-1.7.0-oracle security update
2013-04-18 00:00:00
ibm
ibm
securityvulns
securityvulns
Oracle Java / OpenJDK multiple security vulnerabilities
2013-04-22 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201401-30
2015-09-29 00:00:00
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2014-01-27 00:00:00