This release of Icedtea6-1.12.4 fixes the following two
issues that allowed a remote attacker to execute arbitrary
code remotely by providing crafted images to the affected
code.

CVE-2013-0809: CVSS v2 Base Score: 6.8 (critical)
(AV:N/AC:M/Au:N/C:P/I:P/A:P): Insufficient Information
(CWE-noinfo)
CVE-2013-1493: CVSS v2 Base Score: 6.8 (critical)
(AV:N/AC:M/Au:N/C:P/I:P/A:P): Buffer Errors (CWE-119)

OSVersionArchitecturePackageVersionFilename
SUSE Linux Enterprise Desktop11.2i586java-1_6_0-openjdk-demo< 1.6.0.0_b27.1.12.4-0.2.1java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.4-0.2.1.i586.rpm
SUSE Linux Enterprise Desktop11.2x86_64java-1_6_0-openjdk< 1.6.0.0_b27.1.12.4-0.2.1java-1_6_0-openjdk-1.6.0.0_b27.1.12.4-0.2.1.x86_64.rpm
SUSE Linux Enterprise Desktop11.2i586java-1_6_0-openjdk< 1.6.0.0_b27.1.12.4-0.2.1java-1_6_0-openjdk-1.6.0.0_b27.1.12.4-0.2.1.i586.rpm
SUSE Linux Enterprise Desktop11.2x86_64java-1_6_0-openjdk-devel< 1.6.0.0_b27.1.12.4-0.2.1java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.4-0.2.1.x86_64.rpm
SUSE Linux Enterprise Desktop11.2x86_64java-1_6_0-openjdk-demo< 1.6.0.0_b27.1.12.4-0.2.1java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.4-0.2.1.x86_64.rpm
SUSE Linux Enterprise Desktop11.2i586java-1_6_0-openjdk-devel< 1.6.0.0_b27.1.12.4-0.2.1java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.4-0.2.1.i586.rpm

OS	Version	Architecture	Package	Version	Filename
SUSE Linux Enterprise Desktop	11.2	i586	java-1_6_0-openjdk-demo	< 1.6.0.0_b27.1.12.4-0.2.1	java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.4-0.2.1.i586.rpm
SUSE Linux Enterprise Desktop	11.2	x86_64	java-1_6_0-openjdk	< 1.6.0.0_b27.1.12.4-0.2.1	java-1_6_0-openjdk-1.6.0.0_b27.1.12.4-0.2.1.x86_64.rpm
SUSE Linux Enterprise Desktop	11.2	i586	java-1_6_0-openjdk	< 1.6.0.0_b27.1.12.4-0.2.1	java-1_6_0-openjdk-1.6.0.0_b27.1.12.4-0.2.1.i586.rpm
SUSE Linux Enterprise Desktop	11.2	x86_64	java-1_6_0-openjdk-devel	< 1.6.0.0_b27.1.12.4-0.2.1	java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.4-0.2.1.x86_64.rpm
SUSE Linux Enterprise Desktop	11.2	x86_64	java-1_6_0-openjdk-demo	< 1.6.0.0_b27.1.12.4-0.2.1	java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.4-0.2.1.x86_64.rpm
SUSE Linux Enterprise Desktop	11.2	i586	java-1_6_0-openjdk-devel	< 1.6.0.0_b27.1.12.4-0.2.1	java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.4-0.2.1.i586.rpm

References

download.novell.com/patch/finder/?keywords=b123f43a2f91b6662161836877dd2663

bugzilla.novell.com/807487

openvas 41

nessus 55

threatpost 6

oraclelinux 4

prion 2

redhat 11

securityvulns 4

centos 4

ubuntu 2

amazon 2

cve 2

fedora 2

suse 5

cert 1

zdi 3

ubuntucve 2

checkpoint_advisories 3

saint 4

veracode 2

zdt 1

seebug 2

packetstorm 1

metasploit 1

exploitdb 1

ibm 13

symantec 1

qualysblog 1

gentoo 2

openvas

SuSE Update for java-1_6_0-openjdk openSUSE-SU-2013:0430-1 (java-1_6_0-openjdk)

2013-11-19 00:00:00

CentOS Update for java CESA-2013:0605 centos6

2013-03-12 00:00:00

Oracle Java SE Multiple Vulnerabilities -01 (Mar 2013) - Windows

2013-03-07 00:00:00

nessus

SuSE 11.2 Security Update : Java (SAT Patch Number 7457)

2013-03-13 00:00:00

CentOS 5 : java-1.6.0-openjdk (CESA-2013:0604)

2013-03-07 00:00:00

Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2013-0604)

2013-07-12 00:00:00

threatpost

Oracle Rushes Emergency Java Update to Patch McRAT Vulnerabilities

2013-03-04 22:37:58

Attackers Beat Java Default Security Settings with Social Engineering

2013-03-05 17:27:40

The Java Zero-Day Procession Continues

2013-03-01 16:34:30

oraclelinux

java-1.6.0-openjdk security update

2013-03-06 00:00:00

java-1.7.0-openjdk security update

2013-03-06 00:00:00

java-1.6.0-openjdk security update

2013-03-06 00:00:00

prion

Design/Logic Flaw

2013-03-05 22:06:00

Memory corruption

2013-03-05 22:06:00

redhat

(RHSA-2013:0600) Critical: java-1.7.0-oracle security update

2013-03-06 00:00:00

(RHSA-2013:0601) Critical: java-1.6.0-sun security update

2013-03-06 00:00:00

(RHSA-2013:0604) Important: java-1.6.0-openjdk security update

2013-03-06 00:00:00

securityvulns

US-CERT Alert TA13-064A: Oracle Java Contains Multiple Vulnerabilities

2013-03-11 00:00:00

APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6 Update 14

2013-03-11 00:00:00

HP Service Manager multiple security vulnerabilities

2014-03-03 00:00:00

centos

java security update

2013-03-06 21:08:42

java security update

2013-03-06 21:15:03

java security update

2013-03-06 21:09:16

ubuntu

OpenJDK 7 vulnerabilities

2013-03-07 00:00:00

OpenJDK 6 vulnerabilities

2013-03-05 00:00:00

amazon

Important: java-1.6.0-openjdk

2013-03-14 22:03:00

Important: java-1.7.0-openjdk

2013-03-14 22:03:00

cve

CVE-2013-0809

2013-03-05 22:06:00

CVE-2013-1493

2013-03-05 22:06:00

fedora

[SECURITY] Fedora 18 Update: java-1.7.0-openjdk-1.7.0.9-2.3.8.0.fc18

2013-03-14 02:56:25

[SECURITY] Fedora 17 Update: java-1.7.0-openjdk-1.7.0.9-2.3.8.0.fc17

2013-03-06 22:58:17

suse

java-1_6_0-openjdk: update to 1.12.4 (important)

2013-03-12 11:04:28

java-1_6_0-openjdk: update to 1.12.4 (important)

2013-03-12 21:04:28

Security update for IBM Java (important)

2013-04-23 21:04:26

cert

Oracle Java contains multiple vulnerabilities

2013-03-05 00:00:00

zdi

Oracle Java Runtime Environment AWT mediaLib Remote Code Execution Vulnerability

2013-06-27 00:00:00

Oracle Java Image ColorConvert Remote Code Execution Vulnerability

2013-06-27 00:00:00

Oracle Java cmmColorConvert Remote Code Execution Vulnerability

2013-06-27 00:00:00

ubuntucve

CVE-2013-0809

2013-03-04 00:00:00

CVE-2013-1493

2013-03-04 00:00:00

checkpoint_advisories

Oracle Java 2D ImagingLib Integer Overflow (CVE-2013-0809)

2013-03-24 00:00:00

Oracle Java Runtime CMM Code Execution (CVE-2013-1493)

2013-03-10 00:00:00

BlackHole Toolkit v2 JAVA Payload Stage Code Execution (CVE-2012-0507; CVE-2012-1723; CVE-2013-0422; CVE-2013-0431; CVE-2013-1493)

2013-10-27 00:00:00

saint

Java Runtime Environment Color Management memory overwrite

2013-04-04 00:00:00

Java Runtime Environment Color Management memory overwrite

2013-04-04 00:00:00

Java Runtime Environment Color Management memory overwrite

2013-04-04 00:00:00

veracode

Remote Code Execution (RCE)

2019-01-15 08:59:18

Arbitrary Code Execution

2019-05-02 04:53:58

zdt

Java CMM Remote Code Execution Vulnerability

2013-03-28 00:00:00

seebug

Java CMM Remote Code Execution

2014-07-01 00:00:00

HP Service Manager多个安全漏洞

2014-02-25 00:00:00

packetstorm

Java CMM Remote Code Execution

2013-03-28 00:00:00

metasploit

Java CMM Remote Code Execution

2013-03-26 21:30:18

exploitdb

Java CMM - Remote Code Execution (Metasploit)

2013-03-29 00:00:00

ibm

Security Bulletin: Rational Functional Tester 8.x vulnerabilities due to security vulnerabilities in IBM JRE 7 SR3 or earlier, and non-IBM Java 7 (CVE-2013-0809, CVE-2013-1493, CVE-2013-0437, CVE-2012-1541, CVE-2013-0446, CVE-2012-3342, CVE-2013-0428)

2019-05-07 13:26:07

Security Bulletin: Tivoli Storage Productivity Center affected by vulnerabilities in OpenSSL (CVE-2013-0169, CVE-2012-2686, CVE-2013-0166)

2022-08-19 18:23:31

Security Bulletin: Multiple vulnerabilities in IBM Rational Build Forge (CVE-2012-3213, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0437, C

2018-06-17 04:45:23

symantec

Oracle Java SE CVE-2013-1493 Remote Code Execution Vulnerability

2013-02-28 00:00:00

qualysblog

Assess Your Risk From Ransomware Attacks, Powered by Qualys Research

2021-10-05 12:50:00

gentoo

IcedTea JDK: Multiple vulnerabilities

2014-06-29 00:00:00

Oracle JRE/JDK: Multiple vulnerabilities

2014-01-27 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

0.968 High

EPSS

Percentile

99.6%

JSON

Related for SUSE-SU-2013:0434-1