Lucene search
Vitaliy ToropovZDI-13-155HistoryJun 27, 2013 - 12:00 a.m.
Oracle Java CMMImageLayout Memory Corruption Remote Code Execution Vulnerability
2013-06-2700:00:00
Vitaliy Toropov
www.zerodayinitiative.com
12
0.943 High
EPSS
Percentile
99.2%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the CMMImageLayout class. The issue lies in the failure to validate the offset column field. An attacker can leverage this vulnerability to execute code under the context of the current process.
Related
veracode
veracode
Sandbox Restrictions Bypass
2019-05-02 04:45:33
Privilege Escalation
2019-05-02 04:46:31
Arbitrary Code Execution
2019-05-02 04:46:33
ubuntucve
ubuntucve
CVE-2013-2469
2013-06-18 00:00:00
CVE-2013-2464
2013-06-18 00:00:00
cvelist
cvelist
CVE-2013-2469
2013-06-18 22:00:00
CVE-2013-2464
2013-06-18 22:00:00
prion
prion
Design/Logic Flaw
2013-06-18 22:55:00
Design/Logic Flaw
2013-06-18 22:55:00
cve
cve
CVE-2013-2469
2013-06-18 22:55:02
CVE-2013-2464
2013-06-18 22:55:02
nvd
nvd
CVE-2013-2469
2013-06-18 22:55:02
CVE-2013-2464
2013-06-18 22:55:02
attackerkb
attackerkb
CVE-2013-2464
2013-06-18 00:00:00
ibm
ibm
suse
suse
Security update for IBM Java 1.4.2 (important)
2013-08-05 20:04:12
Security update for java-1_4_2-ibm (important)
2013-07-27 17:04:24
Security update for java-1_6_0-openjdk (important)
2013-07-23 22:04:14
nessus
nessus
SuSE 11.2 Security Update : java-1_4_2-ibm (SAT Patch Number 8109)
2013-07-28 00:00:00
SuSE 10 Security Update : java-1_4_2-ibm (ZYPP Patch Number 8652)
2013-07-28 00:00:00
SuSE 11.2 Security Update : java-1_6_0-openjdk (SAT Patch Number 8084)
2013-07-24 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2013:1264-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2013:1293-2)
2021-06-09 00:00:00
RedHat Update for java-1.6.0-openjdk RHSA-2013:1014-01
2013-07-05 00:00:00
amazon
amazon
Important: java-1.6.0-openjdk
2013-07-12 15:31:00
Important: java-1.7.0-openjdk
2013-06-20 14:14:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2013-07-03 00:00:00
java-1.7.0-openjdk security update
2013-06-19 00:00:00
java-1.7.0-openjdk security update
2013-06-19 00:00:00
centos
centos
java security update
2013-07-04 10:07:44
java security update
2013-06-20 06:46:44
java security update
2013-06-20 06:43:01
redhat
redhat
(RHSA-2013:1014) Important: java-1.6.0-openjdk security update
2013-07-03 00:00:00
(RHSA-2013:0957) Critical: java-1.7.0-openjdk security update
2013-06-19 00:00:00
(RHSA-2013:1081) Important: java-1.5.0-ibm security update
2013-07-16 00:00:00
debian
debian
[SECURITY] [DSA 2727-1] openjdk-6 security update
2013-07-25 21:11:57
[SECURITY] [DSA 2722-1] openjdk-7 security update
2013-07-15 15:52:23
mageia
mageia
Updated java-1.6.0-openjdk packages fix security vulnerabilities
2013-07-16 11:26:07
Updated java-1.7.0-openjdk packages fix multiple security vulnerabilities
2013-06-26 22:13:26
ubuntu
ubuntu
OpenJDK 7 vulnerabilities
2013-07-16 00:00:00
IcedTea Web update
2013-07-16 00:00:00
OpenJDK 6 vulnerabilities
2013-07-23 00:00:00
securityvulns
securityvulns
Oracle Java multiple security vulnerabilities
2013-08-28 00:00:00
gentoo
gentoo
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00
Oracle JRE/JDK: Multiple vulnerabilities
2014-01-27 00:00:00