OpenJDK 7 Java Runtime Environment and Software Development Kit is susceptible to sandbox restriction bypass. Due to the flaws in ImagingLib and the image attribute, channel, layout and raster processing in the 2D component, it does not prevent an untrusted Java application or applet to trigger Java Virtual Machine memory corruption.
advisories.mageia.org/MGASA-2013-0185.html
bugzilla.redhat.com/bugzilla/show_bug.cgi?id=975120
h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/64055b403176
icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.10/NEWS
lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html
lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html
lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html
lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html
lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html
lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html
lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html
marc.info/?l=bugtraq&m=137545505800971&w=2
marc.info/?l=bugtraq&m=137545592101387&w=2
rhn.redhat.com/errata/RHSA-2013-0963.html
rhn.redhat.com/errata/RHSA-2013-1059.html
rhn.redhat.com/errata/RHSA-2013-1060.html
rhn.redhat.com/errata/RHSA-2013-1081.html
rhn.redhat.com/errata/RHSA-2013-1455.html
rhn.redhat.com/errata/RHSA-2013-1456.html
secunia.com/advisories/54154
security.gentoo.org/glsa/glsa-201406-32.xml
www-01.ibm.com/support/docview.wss?uid=swg21642336
www.mandriva.com/security/advisories?name=MDVSA-2013:183
www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
www.securityfocus.com/bid/60658
www.us-cert.gov/ncas/alerts/TA13-169A
access.redhat.com/errata/RHSA-2014:0414
access.redhat.com/security/updates/classification/#critical
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17042
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19314
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19552
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19713
rhn.redhat.com/errata/RHBA-2013-0959.html
rhn.redhat.com/errata/RHSA-2013-0957.html