Oval Definition:	oval:org.mitre.oval:def:23876
Revision Date: 2014-05-26 Version: 100 Title: ELSA-2013:0624: java-1.5.0-ibm security update (Critical) Description: The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2012-5085 CVE-2013-0409 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0440 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0450 CVE-2013-0809 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1481 CVE-2013-1486 CVE-2013-1493 ELSA-2013:0624-02 Platform(s): Oracle Linux 6 Product(s): java-1.5.0-ibm Definition Synopsis Oracle Linux 6.x AND rpm test java-1.5.0-ibm-devel is earlier than 1:1.5.0.16.0-1jpp.1.el6_4 OR java-1.5.0-ibm is earlier than 1:1.5.0.16.0-1jpp.1.el6_4 OR java-1.5.0-ibm-jdbc is earlier than 1:1.5.0.16.0-1jpp.1.el6_4 OR java-1.5.0-ibm-demo is earlier than 1:1.5.0.16.0-1jpp.1.el6_4 OR java-1.5.0-ibm-src is earlier than 1:1.5.0.16.0-1jpp.1.el6_4 OR java-1.5.0-ibm-plugin is earlier than 1:1.5.0.16.0-1jpp.1.el6_4 OR java-1.5.0-ibm-javacomm is earlier than 1:1.5.0.16.0-1jpp.1.el6_4
BACK