CVE-2013-0809Integer Overflow or Wraparound in Oracle JDK

CWE-190Integer Overflow or Wraparound8 documents7 sources
Severity
10.0CRITICALNVD
EPSS
8.2%
top 7.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Oracle JDKOracle JRESUN JDK+1 more
Timeline
PublishedMar 5
Latest updateMay 14

Description

Unspecified vulnerability in the 2D component in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-1493.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages4 packages

NVDoracle/jdk1.6.0+5
NVDoracle/jre1.6.0+5
NVDsun/jdk1.5.0, 1.6.0+1
NVDsun/jre1.5.0, 1.6.0+1

🔴Vulnerability Details

2
GHSA
GHSA-qv6m-9ccr-3jxp: Unspecified vulnerability in the 2D component in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 a2022-05-14
CVEList
CVE-2013-0809: Unspecified vulnerability in the 2D component in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 a2013-03-04

💥Exploits & PoCs

1
Exploit-DB
Sophos Web Protection Appliance - Multiple Vulnerabilities2013-09-09

📋Vendor Advisories

3
Ubuntu
OpenJDK 7 vulnerabilities2013-03-07
Ubuntu
OpenJDK 6 vulnerabilities2013-03-05
Red Hat
OpenJDK: Specially crafted sample model integer overflow (2D, 8007014)2013-03-04

💬Community

1
Bugzilla
CVE-2013-0809 OpenJDK: Specially crafted sample model integer overflow (2D, 8007014)2013-03-04
CVE-2013-0809 — Integer Overflow or Wraparound | cvebase