Lucene search
Veracode Vulnerability DatabaseVERACODE:10983HistoryJan 15, 2019 - 8:55 a.m.
Code Injection
2019-01-1508:55:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
EPSS
0.003
Percentile
70.0%
openjdk is vulnerable to code injection attacks. The vulnerability exists as jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation.
Related
ubuntucve
ubuntucve
CVE-2013-4578
2017-12-29 00:00:00
nvd
nvd
CVE-2013-4578
2017-12-29 22:29:00
openvas
openvas
Oracle Java SE 'jarsigner' Security Bypass Vulnerability - Windows
2018-05-23 00:00:00
Oracle Java SE 'jarsigner' Security Bypass Vulnerability - Linux
2018-05-23 00:00:00
cve
cve
CVE-2013-4578
2017-12-29 22:29:00
cvelist
cvelist
CVE-2013-4578
2017-12-29 22:00:00
prion
prion
Design/Logic Flaw
2017-12-29 22:29:00
redhat
redhat
(RHSA-2014:0136) Important: java-1.5.0-ibm security update
2014-02-04 00:00:00
(RHSA-2014:0097) Important: java-1.6.0-openjdk security update
2014-01-27 00:00:00
(RHSA-2014:0027) Important: java-1.7.0-openjdk security update
2014-01-15 00:00:00
nessus
nessus
RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2014:0136)
2014-02-05 00:00:00
CentOS 5 / 6 : java-1.6.0-openjdk (CESA-2014:0097)
2014-01-28 00:00:00
Oracle Linux 5 / 6 : java-1.6.0-openjdk (ELSA-2014-0097)
2014-01-28 00:00:00
centos
centos
java security update
2014-01-27 22:53:27
java security update
2014-01-15 11:16:34