Lucene search
Vitaliy ToropovZDI-13-154HistoryJun 27, 2013 - 12:00 a.m.
Oracle Java ByteComponentRaster Buffer Overflow Remote Code Execution Vulnerability
2013-06-2700:00:00
Vitaliy Toropov
www.zerodayinitiative.com
23
0.943 High
EPSS
Percentile
99.2%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the java.awt.image.ByteComponentRaster class. The issue lies in the failure to properly verify that a buffer is large enough prior to copying data into it. An attacker can leverage this vulnerability to execute code under the context of the current process.
Related
cve
cve
CVE-2013-2473
2013-06-18 22:55:02
CVE-2013-2464
2013-06-18 22:55:02
saint
saint
Oracle Java java.awt.image.ByteComponentRaster Overflow
2013-10-24 00:00:00
Oracle Java java.awt.image.ByteComponentRaster Overflow
2013-10-24 00:00:00
Oracle Java java.awt.image.ByteComponentRaster Overflow
2013-10-24 00:00:00
checkpoint_advisories
checkpoint_advisories
prion
prion
Design/Logic Flaw
2013-06-18 22:55:00
Design/Logic Flaw
2013-06-18 22:55:00
ubuntucve
ubuntucve
CVE-2013-2473
2013-06-18 00:00:00
CVE-2013-2464
2013-06-18 00:00:00
nvd
nvd
CVE-2013-2473
2013-06-18 22:55:02
CVE-2013-2464
2013-06-18 22:55:02
cvelist
cvelist
CVE-2013-2473
2013-06-18 22:00:00
CVE-2013-2464
2013-06-18 22:00:00
veracode
veracode
Sandbox Restrictions Bypass
2019-05-02 04:45:33
Privilege Escalation
2019-05-02 04:46:29
Privilege Escalation
2019-05-02 04:46:30
threatpost
threatpost
Many Flash, Java Users Running Older, Vulnerable Versions
2013-09-06 07:40:52
attackerkb
attackerkb
CVE-2013-2464
2013-06-18 00:00:00
ibm
ibm
Security Bulletin: CICS Transaction Gateway for Multiplatforms
2022-09-25 22:39:39
Security Bulletin: Potential security vulnerabilities with JavaTM SDKs
2022-09-25 21:06:56
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2013:1293-2)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2013:1264-1)
2021-06-09 00:00:00
Oracle Java SE Multiple Vulnerabilities -03 June 13 (Windows)
2013-06-24 00:00:00
suse
suse
Security update for java-1_4_2-ibm (important)
2013-07-27 17:04:24
Security update for IBM Java 1.4.2 (important)
2013-08-05 20:04:12
Security update for java-1_6_0-openjdk (important)
2013-07-23 22:04:14
nessus
nessus
SuSE 10 Security Update : java-1_4_2-ibm (ZYPP Patch Number 8652)
2013-07-28 00:00:00
SuSE 11.2 Security Update : java-1_4_2-ibm (SAT Patch Number 8109)
2013-07-28 00:00:00
RHEL 5 / 6 : java-1.6.0-openjdk (RHSA-2013:1014)
2013-07-05 00:00:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2013-07-03 00:00:00
java-1.7.0-openjdk security update
2013-06-19 00:00:00
java-1.7.0-openjdk security update
2013-06-19 00:00:00
redhat
redhat
(RHSA-2013:1014) Important: java-1.6.0-openjdk security update
2013-07-03 00:00:00
(RHSA-2013:1081) Important: java-1.5.0-ibm security update
2013-07-16 00:00:00
(RHSA-2013:0958) Important: java-1.7.0-openjdk security update
2013-06-19 00:00:00
centos
centos
java security update
2013-07-04 10:07:44
java security update
2013-06-20 06:43:01
java security update
2013-06-20 06:46:44
debian
debian
[SECURITY] [DSA 2727-1] openjdk-6 security update
2013-07-25 21:11:57
[SECURITY] [DSA 2722-1] openjdk-7 security update
2013-07-15 15:52:23
amazon
amazon
Important: java-1.6.0-openjdk
2013-07-12 15:31:00
Important: java-1.7.0-openjdk
2013-06-20 14:14:00
mageia
mageia
Updated java-1.6.0-openjdk packages fix security vulnerabilities
2013-07-16 11:26:07
Updated java-1.7.0-openjdk packages fix multiple security vulnerabilities
2013-06-26 22:13:26
ubuntu
ubuntu
OpenJDK 7 vulnerabilities
2013-07-16 00:00:00
IcedTea Web update
2013-07-16 00:00:00
OpenJDK 6 vulnerabilities
2013-07-23 00:00:00
securityvulns
securityvulns
Oracle Java multiple security vulnerabilities
2013-08-28 00:00:00
gentoo
gentoo
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00
Oracle JRE/JDK: Multiple vulnerabilities
2014-01-27 00:00:00