CVE-2013-0409

Publication date 1 February 2013

Last updated 24 July 2024

Ubuntu priority

Medium

Why this priority?

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38 allows remote attackers to affect confidentiality via vectors related to JMX.

Read the notes from the security team

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
openjdk-6 12.10 quantal
Fixed 6b27-1.12.1-2ubuntu0.12.10.2
12.04 LTS precise
Fixed 6b27-1.12.1-2ubuntu0.12.04.2
11.10 oneiric
Fixed 6b27-1.12.1-2ubuntu0.11.10.2
10.04 LTS lucid
Fixed 6b27-1.12.1-2ubuntu0.10.04.2
8.04 LTS hardy
Fixed 6b27-1.12.3-0ubuntu1~08.04.1
openjdk-7 12.10 quantal
Fixed 7u13-2.3.6-0ubuntu0.12.10.1
12.04 LTS precise
Fixed 7u13-2.3.6-0ubuntu0.12.04.1
11.10 oneiric
Fixed 7u13-2.3.6-0ubuntu0.11.10.2
10.04 LTS lucid Not in release
8.04 LTS hardy Not in release

Notes

jdstrand

http://rhn.redhat.com/errata/RHSA-2013-0237.html states this is Oracle JDK only, but based on Oracle advisory we claimed it was fixed in https://ubuntu.com/security/notices/USN-1724-1.