CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
99.6%
It was discovered that OpenJDK did not properly validate certain types
of images. A remote attacker could exploit this to cause OpenJDK to crash.
(CVE-2013-0809)
It was discovered that OpenJDK did not properly check return values when
performing color conversion for images. If a user were tricked into
opening a crafted image with OpenJDK, such as with the Java plugin, a
remote attacker could cause OpenJDK to crash or execute arbitrary code
outside of the Java sandbox with the privileges of the user invoking the
program. (CVE-2013-1493)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 12.04 | noarch | icedtea-6-jre-cacao | <ย 6b27-1.12.3-0ubuntu1~12.04.1 | UNKNOWN |
Ubuntu | 12.04 | noarch | icedtea-6-jre-jamvm | <ย 6b27-1.12.3-0ubuntu1~12.04.1 | UNKNOWN |
Ubuntu | 12.04 | noarch | openjdk-6-dbg | <ย 6b27-1.12.3-0ubuntu1~12.04.1 | UNKNOWN |
Ubuntu | 12.04 | noarch | openjdk-6-demo | <ย 6b27-1.12.3-0ubuntu1~12.04.1 | UNKNOWN |
Ubuntu | 12.04 | noarch | openjdk-6-jdk | <ย 6b27-1.12.3-0ubuntu1~12.04.1 | UNKNOWN |
Ubuntu | 12.04 | noarch | openjdk-6-jre | <ย 6b27-1.12.3-0ubuntu1~12.04.1 | UNKNOWN |
Ubuntu | 12.04 | noarch | openjdk-6-jre-headless | <ย 6b27-1.12.3-0ubuntu1~12.04.1 | UNKNOWN |
Ubuntu | 12.04 | noarch | openjdk-6-jre-zero | <ย 6b27-1.12.3-0ubuntu1~12.04.1 | UNKNOWN |
Ubuntu | 12.04 | noarch | openjdk-6-jre-lib | <ย 6b27-1.12.3-0ubuntu1~12.04.1 | UNKNOWN |
Ubuntu | 11.10 | noarch | icedtea-6-jre-cacao | <ย 6b27-1.12.3-0ubuntu1~11.10.1 | UNKNOWN |