Lucene search
Alin Rad PopZDI-13-071HistoryMay 10, 2013 - 12:00 a.m.
Oracle Java t2k.dll glyph_AddPoint() Remote Code Execution Vulnerability
2013-05-1000:00:00
Alin Rad Pop
www.zerodayinitiative.com
21
EPSS
0.043
Percentile
92.3%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t2k.dll glyph_AddPoint() when rendering Type1 or Type2 fonts. Memory corruption could occur when manipulating a point count in the font file. This could lead to remote code execution under the context of the process.
Related
nvd
nvd
CVE-2013-2434
2013-04-17 18:55:07
cvelist
cvelist
CVE-2013-2434
2013-04-17 15:00:00
prion
prion
Design/Logic Flaw
2013-04-17 18:55:00
ubuntucve
ubuntucve
CVE-2013-2434
2013-04-17 00:00:00
cve
cve
CVE-2013-2434
2013-04-17 18:55:07
openvas
openvas
Oracle Java SE Multiple Vulnerabilities -03 (May 2013) - Windows
2013-05-06 00:00:00
Oracle Java SE Multiple Vulnerabilities -03 May 13 (Windows)
2013-05-06 00:00:00
Gentoo Security Advisory GLSA 201401-30
2015-09-29 00:00:00
nessus
nessus
RHEL 5 / 6 : java-1.7.0-ibm (RHSA-2013:0822)
2013-05-15 00:00:00
RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2013:0757)
2013-04-19 00:00:00
Oracle Java SE Multiple Vulnerabilities (April 2013 CPU) (Unix)
2013-04-17 00:00:00
redhat
redhat
(RHSA-2013:0822) Critical: java-1.7.0-ibm security update
2013-05-14 00:00:00
(RHSA-2013:0757) Critical: java-1.7.0-oracle security update
2013-04-18 00:00:00
ibm
ibm
securityvulns
securityvulns
Oracle Java / OpenJDK multiple security vulnerabilities
2013-04-22 00:00:00
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2014-01-27 00:00:00