CVE-2013-2471

From Botnets.fr
Jump to: navigation, search

MITRE CVE Reference: CVE-2013-2471
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect IntegerComponentRaster size checks."

Usage

Targetted asset: Java

Exploit kits using this vulnerability/ Exploit kits utilisant cette vulnérabilité:

Botnets using this vulnerability to function/propagate:

  • Botnets:

Campaigns using this vulnerability:

  • Campaigns:

Packages includingthis vulnerability:

  • Packages:

Publications

 AuthorEditorYear
An overview of exploit packsMila ParkourContagio2012
CVE-2013-2465/CVE-2013-2471/CVE-2013-2463 integrating Exploit Kits -- jre7u21 CVE- jre6u45 and earlierKafeineMalware don't need cofee2013

MITRE CVE LICENSE: The MITRE Corporation (MITRE) hereby grants you a non-exclusive, royalty-free license to use Common Vulnerabilities and Exposures (CVE®) for research, development, and commercial purposes. Any copy you make for such purposes is authorized provided that you reproduce MITRE’s copyright designation and this license in any such copy. MITRE CVE®, TERMS OF USE: [1]