CVE-2013-1500 — Use After Free in Oracle JDK
Severity
3.6LOWNVD
EPSS
0.1%
top 74.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJun 18
Latest updateMay 14
Description
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows local users to affect confidentiality and integrity via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to weak permissions for shared memory.
CVSS vector
AV:L/AC:L/C:P/I:P/A:NExploitability: 3.9 | Impact: 4.9
Affected Packages4 packages
🔴Vulnerability Details
2GHSA▶
GHSA-w6m9-3g8m-hgf4: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5↗2022-05-14
CVEList▶
CVE-2013-1500: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5↗2013-06-18
📋Vendor Advisories
8💬Community
4Bugzilla
▶
Bugzilla▶
CVE-2013-2871 webkitgtk: use-after-free vulnerability in the handling of input (WSA-2015-0001)↗2015-01-27