CVE-2013-0433
Publication date 1 February 2013
Last updated 24 July 2024
Ubuntu priority
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Networking. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to avoid triggering an exception during the deserialization of invalid InetSocketAddress data.
Status
Package | Ubuntu Release | Status |
---|---|---|
openjdk-6 | 12.10 quantal |
Fixed 6b27-1.12.1-2ubuntu0.12.10.2
|
12.04 LTS precise |
Fixed 6b27-1.12.1-2ubuntu0.12.04.2
|
|
11.10 oneiric |
Fixed 6b27-1.12.1-2ubuntu0.11.10.2
|
|
10.04 LTS lucid |
Fixed 6b27-1.12.1-2ubuntu0.10.04.2
|
|
8.04 LTS hardy |
Fixed 6b27-1.12.3-0ubuntu1~08.04.1
|
|
openjdk-6b18 | 12.10 quantal | Not in release |
12.04 LTS precise | Not in release | |
11.10 oneiric | Ignored end of life | |
10.04 LTS lucid | Ignored end of life | |
8.04 LTS hardy | Not in release | |
openjdk-7 | 12.10 quantal |
Fixed 7u13-2.3.6-0ubuntu0.12.10.1
|
12.04 LTS precise |
Fixed 7u13-2.3.6-0ubuntu0.12.04.1
|
|
11.10 oneiric |
Fixed 7u13-2.3.6-0ubuntu0.11.10.2
|
|
10.04 LTS lucid | Not in release | |
8.04 LTS hardy | Not in release | |
sun-java5 | 12.10 quantal | Not in release |
12.04 LTS precise | Not in release | |
11.10 oneiric | Not in release | |
10.04 LTS lucid | Not in release | |
8.04 LTS hardy | Ignored end of life | |
sun-java6 | 12.10 quantal | Not in release |
12.04 LTS precise | Not in release | |
11.10 oneiric | Not in release | |
10.04 LTS lucid | Not in release | |
8.04 LTS hardy | Ignored end of life |
References
Related Ubuntu Security Notices (USN)
- USN-1724-1
- OpenJDK vulnerabilities
- 14 February 2013