10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
OpenJDK is vulnerable to authorization bypass. An improper permission check in the reflection API allows a remote attacker to bypass the Java sandbox restrictions and obtain unauthorized access to resources.
blog.fuseyism.com/index.php/2013/01/15/security-icedtea-2-1-4-2-2-4-2-3-4-released/
icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.4/NEWS
lists.opensuse.org/opensuse-security-announce/2013-01/msg00025.html
rhn.redhat.com/errata/RHSA-2013-0156.html
rhn.redhat.com/errata/RHSA-2013-0165.html
www.mandriva.com/security/advisories?name=MDVSA-2013:095
www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html
www.ubuntu.com/usn/USN-1693-1
access.redhat.com/security/updates/classification/#important
rhn.redhat.com/errata/RHSA-2013-0165.html
wiki.mageia.org/en/Support/Advisories/MGASA-2013-0018