| Revision Date: | 2013-06-03 | Version: | 4 |
| Title: | Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before and JavaFX 2.2.7 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized Operating System takeover including arbitrary code execution. |
| Description: | Heap-based buffer overflow in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via unspecified vectors related to JavaFX, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013. |
| Family: | windows | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2013-0402
|
| Platform(s): | Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Vista
Microsoft Windows XP
| Product(s): | Java Runtime Environment
JavaFX
|
| Definition Synopsis |
| Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17 and is greater than or equal to 1.7.0 Determine if the version of Java Runtime Environment is less than or equal to 1.7.0:update_17
AND Java SE Runtime Environment 7 is installed
OR Determine if the version of JavaFX is less than or equal to 2.2.7
Determine if the version of JavaFX is less than or equal to 2.2.7
OR Determine if the version of JavaFX is less than 2.2.7 (JRE 1.7.0:update_7 and later)
AND JavaFX 2.x is installed
|