cve/CVE-2013-2422.md at 7482ec4521a75dd13882dc1283f17009c936e974

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper method-invocation restrictions by the MethodUtil trampoline class, which allows remote attackers to bypass the Java sandbox.

POC

Reference

http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html

Github

No PoCs found on GitHub currently.

1.1 KiB Raw Blame History

CVE-2013-2422

Description

POC

Reference

Github

1.1 KiB

Raw Blame History